Using the TSFA Dashboard Widgets

Using the TSFA Dashboard Widgets

Organizations with a ThinkShield Firmware Assurance (TSFA) license see the corresponding TSFA feature widgets directly on the Lenovo Device Orchestration Dashboard. These widgets are fully integrated into the main Dashboard and appear automatically when the organization holds an active TSFA license; there is no separate TSFA Dashboard.

The Dashboard is the first interface users see when accessing the system and serves as the main entry point to ThinkShield Firmware Assurance. It displays data from the entire device fleet through various graphs, bar charts, and visual elements, helping users quickly grasp trends and key metrics. 

Users can access detailed reports, device-specific analytics, and other critical functions, ensuring immediate access to essential data and tools. This centralized view streamlines workflows and supports quick, informed decision-making for effective fleet management.

The Dashboard feature is positioned at the top of the left panel. 

Info
  1. This feature is available for Organization Admin and IT Admin.
  2. Widgets related to device security display data only if one or more devices in your organization are assigned licenses and reporting data. 


TSFA Dashboard Widgets

Secure Device Status

Displays the total count of devices across the organization, along with their status, indicating the onboarding state of each device.

Total Devices: displays the total count of devices in the organization.
  1. Active - The device is fully onboarded and provisioned. 
  2. Pending - The device is unlicensed or has not reported its provisioning status. This status indicates either the license has not been assigned yet, or there was an issue during onboarding or provisioning, requiring the user to onboard the device again.
  3. Unsupported - The enhanced embedded controller is not detected. The device lacks the hardware capability to report data for ThinkShield Firmware Assurance and will never report security data.

Fleet Security Health

Displays the total count of devices across the organization, along with their current Health status (Security Posture). Uninitialized devices are reported as well.
  1. Healthy - No issues found recently.
  2. Unhealthy - Elements of the firmware are corrupt.
  3. Suspect - Check the event log; a recent event might indicate a problem.
  4. Uninitialized - No events reported yet.
Info
The following events do NOT contribute to Security Posture status: Shutdown/Reboot event, System Boot event, Power On event.

Severity Distribution

Displays the total count of incidents detected across the fleet, categorized by severity level. Clicking the arrow icon redirects the user to the Incidents list, filtered by the selected severity level.

Incident Trend

Allows users to view trends for Incident and Security Posture statuses across custom time periods. Users can switch between these views using a dropdown menu. They can select preset time periods (with Last 7 days set as a default) or choose a specific time range using a calendar.

In the Security Posture view, the graph legend is clickable, enabling users to hide or unhide graphs by clicking on individual legend items.

NotesSecurity Posture refers to the security health of the device.

Incident Details

Allows users to drill down into detected incidents across the FWS device fleet.

Table columns:
  1. Event Type - Type of incident detected in the fleet.
  2. Count - Total number of incidents of a specific type since the creation of the organization.
  3. New Incidents - Number of incidents detected within a user-selected timeframe (default filter: 7 days).
Each row in the table features an expandable accordion that allows users to view the statuses of detected incidents. Each event type may have unique statuses associated with it.

Display Customization with LDO License 

If your organization has a Lenovo Device Orchestration (LDO) license, LDO features and related widgets are available. See Using the Dashboard in LDO and Customizing the Dashboard articles for more information.  


    • Related Articles

    • Viewing and Setting Incident Severity Levels

      About Incident Severity Each incident, issue, or event on ThinkShield Firmware Assurance (TSFA) is assigned a Severity Level, which indicates the level of importance and suggests potential actions needed for a specific device. These severity levels ...

    • Using Device Lookup

      The Device Lookup page serves as a comprehensive information source, consolidating all data related to an individual device within the TSFA system. Designed to provide detailed insights, it facilitates the management and troubleshooting of devices. ...

    • Managing Devices within TSFA

      To access devices within your organization's portal, navigate to Devices Manager > Devices. Device Table The Device Table provides regular information pertaining to each device, such as Device Name and Type, Serial Number, License, etc. It also ...

    • Setting Incident Notifications

      Incidents This feature allows users to customize their alert preferences based on the severity level of incidents: Low and higher, Moderate and higher, or High only. When an incident matches the selected severity level, users are promptly notified ...

    • Installing a Sepio Agent

      This article explains how to install and uninstall a Sepio Agent on a Host. The Sepio Agent is a security tool that provides in-depth visibility and enforces policies on assets built into and connected to the Host. The Platform Management system ...