Using the Dashboard

Using the Dashboard

The Dashboard displays data from the entire fleet of devices through various graphs, bar charts, and visual elements, helping users quickly grasp trends and key metrics. As the landing page, it is the first interface users see when accessing the system and serves as the main entry point to features offered by ThinkShield Firmware Assurance. Users can access detailed reports, device-specific analytics, and other critical functions, ensuring immediate access to essential data and tools. 

This centralized approach streamlines workflows and enhances overall efficiency in device fleet management. By providing an overview of fleet performance and status at a glance, the dashboard enables quick, informed decision-making, crucial for effective fleet management.

The Dashboard feature is positioned at the top of the left panel. 

This feature is available for Organization Admin and IT Admin.



Dashboard Widgets

Device Status

Displays the total count of devices across the organization, along with their status, indicating the onboarding state of each device.



Total Devices: displays the total count of devices in the organization.
  1. Active - The device is fully onboarded and provisioned. 
  2. Pending - The device is unlicensed or has not reported its provisioning status. This status indicates either the license has not been assigned yet, or there was an issue during onboarding or provisioning, requiring the user to onboard the device again.
  3. Unsupported - The enhanced embedded controller is not detected. The device lacks the hardware capability to report data for ThinkShield Firmware Assurance and will never report security data.

Fleet health

Displays the total count of devices across the organization, along with their current Health status (Security Posture). Uninitialized devices are reported as well.

  1. Healthy - No issues found recently.
  2. Unhealthy - Elements of the firmware are corrupt.
  3. Suspect - Check the event log; a recent event might indicate a problem.
  4. Uninitialized - No events reported yet.
The following events do NOT contribute to Security Posture status: Shutdown/Reboot event, System Boot event, Power On event.

Severity Distribution

Displays the total count of incidents detected across the fleet, categorized by severity level. Clicking the arrow icon redirects the user to the Incidents list, filtered by the selected severity level.
 


TSFA Agent Version Distribution

Displays the total count of devices using a specific version of TSFA Agent Windows app. Clicking the arrow icon redirects the user to the Device list, filtered by the selected Agent version.


  1. Org Settings - Displays the number of devices using the agent version specified in the organization's overall settings – For more information please refer to TSFA Agent Versioning on Organization Level.
  2. Newer - Displays the number of devices using agent versions newer than specified in Org settings.
  3. Older - Displays the number of devices using agent versions older than specified in Org settings.
  4. Unknown - Displays the number of devices that have not reported their agent version.

Incident Trend

Allows users to view trends for Incident and Security Posture statuses across custom time periods. Users can switch between these views using a dropdown menu. They can select preset time periods (with Last 7 days set as default) or choose a specific time range using a calendar.

In the Security Posture view, the graph legend is clickable, enabling users to hide or unhide graphs by clicking on individual legend items.


Security Posture refers to the security health of the device.

Incident Details

Allows users to drill down into detected incidents across the FWS device fleet.



Table columns:
  1. Event Type - Type of incident detected in the fleet.
  2. Count - Total number of incidents of a specific type since the creation of the organization.
  3. New Incidents - Number of incidents detected within a user-selected timeframe (default filter: 7 days).
Each row in the table features an expandable accordion that allows users to view the statuses of detected incidents. Each event type may have unique statuses associated with it.



    • Related Articles

    • Viewing and Setting Incident Severity Levels

      About Incident Severity Each incident, issue, or event on ThinkShield Firmware Assurance (TSFA) is assigned a Severity Level, which indicates the level of importance and suggests potential actions needed for a specific device. These severity levels ...

    • Using Device Lookup

      The Device Lookup page serves as a comprehensive information source, consolidating all data related to an individual device within the TSFA system. Designed to provide detailed insights, it facilitates the management and troubleshooting of devices. ...

    • TSFA Agent Versioning on the Device Level

      Version Control ensures that all devices within the organization adhere to a universal standard defined by the organization or IT administrators. This feature allows administrators to manage the ThinkShield Firmware Assurance (TSFA) agent version on ...

    • Installing a Sepio Agent

      This article explains how to install and uninstall a Sepio Agent on a Host. The Sepio Agent is a security tool that provides in-depth visibility and enforces policies on assets built into and connected to the Host. The Platform Management system ...

    • TSFA Agent Versioning on Organization Level

      Version Control ensures that all devices within the organization adhere to a universal standard defined by the organization or IT administrators. This feature allows administrators to manage the ThinkShield Firmware Assurance (TSFA) agent version ...