Using the Dashboard in TSFA

Using the Dashboard in TSFA

The Dashboard is the main entry point to ThinkShield Firmware Assurance. It provides a centralized view of device fleet data through graphs and visuals, helping users quickly understand trends and key metrics.

Organizations with a ThinkShield Firmware Assurance (TSFA) license see TSFA-specific widgets directly in the Lenovo Device Orchestration Dashboard. There is no separate TSFA dashboard.

TSFA widgets provide visibility into device security posture distribution, trends over time, and detected incidents across devices. They are displayed automatically when a TSFA license is present.


TSFA widgets

Secured Device Status

Displays the total count of devices across the organization, along with their status, indicating the onboarding state of each device.

Total Devices: displays the total count of devices in the organization.
  1. Active - The device is fully onboarded and provisioned. 
  2. Pending - Provisioning is incomplete or has failed. The device is unlicensed or has not reported its provisioning status. This status indicates either the license has not been assigned yet, or there was an issue during onboarding or provisioning, requiring the user to onboard the device again.
  3. Unsupported - The enhanced embedded controller is not detected. The device lacks the hardware capability to report data for ThinkShield Firmware Assurance and will never report security data.

Fleet Security Health

Displays the total number of devices and their current health status  (Security Posture). Uninitialized devices are reported as well.
Healthy - No issues detected.
Unhealthy - The device is reporting events but is not compliant..
Suspect - Potential risk identified based on event evaluation. Check the event log; a recent event might indicate a problem.
Uninitialized - The device is not reporting data.

The following events do NOT contribute to Security Posture status: Shutdown/Reboot event, System Boot event, Power On event.

Prevalence model summary

Displays the most prevalent security incidents across devices.
Incidents are considered prevalent when they exceed defined thresholds within a specified time period. This helps identify frequently occurring issues that may require attention. Click the small arrow to select a period of time.

Security Incident Details

Allows users to drill down into detected incidents across the FWS device fleet.
Table columns:
  1. Type - Type of incident detected in the fleet.
  2. Count - Total number of incidents of a specific type since the creation of the organization.
  3. New Incidents - Number of incidents detected within a selected time range. Default is 7 days. You can change it using the calendar.
Each row can be expanded to view additional details. Selecting a status redirects to the Incidents view.

Security Incident Trend

Displays trends for security incidents and security posture over time.
Users can:
  1. View data across predefined or custom time ranges
  2. Switch between incident and posture views
This helps identify patterns and changes in device security over time.
In the Security Posture view, the graph legend is clickable, enabling users to hide or unhide graphs by clicking on individual legend items.



    • Related Articles

    • Using the Dashboard in LDO

      The Dashboard is the home page of Lenovo Device Orchestration, providing an at-a-glance overview of the devices in your organization and related information. It consists of multiple widgets, each representing a different category of device ...
    • Getting Started with TSFA

      ThinkShield Firmware Assurance (TSFA) evaluates device security posture based on events generated by devices. TSFA can be used independently. A TSFA license is required to use TSFA functionality, whether it is used on its own or together with Lenovo ...
    • Customizing the Dashboard

      Lenovo Device Orchestration allows administrators to choose which features - represented as widgets - will be displayed on the dashboard. By default, all widgets are enabled. To customize the dashboard, go to Organization Settings > Dashboard ...
    • Troubleshooting TSFA

      TSFA device issues are typically related to compatibility, provisioning, or communication between the device and the system. Use the device status and security posture values to identify and troubleshoot these conditions. Device Status Issues BIOS ...
    • TSFA Settings

      Managing Incident Severity and Notifications Settings are available for Org Admins and IT Admins under Configurations & Settings > Organization Settings > TSFA Settings. It allows to customize alert preferences by incident severity: Low and higher, ...