Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Configuring Remediation Actions

Purpose

After security configuration assessment, there may be settings that do not comply with the SCAP profile that was used. Many of these settings can be adjusted by Security Analysis Solution. However, this is not done by default. You must first enable remediation of the policy, then decide which rules you want to have fixed within each policy.

Define Remediation Actions

  1. Select a Security Analysis and Remediation Policy that you have created. See Creating Create a Security Analysis Policy if this step hasn't been performed.
  2. Click on the Policy Configuration secondary tab just below the main console tabs.
  3. Ensure that the Remediate after analysis option is checked on the General section.
  4. Select the desired Approval type under Remediate after analysis.
  5. Click on the Remediation Actions secondary tab just below the main console tabs.
  6. Check the box next to each profile rule that you wish to have remediated.
    • Optionally, you can select an alternate client task that you have previously defined to be performed when this rule is out of compliance. You may also select entire groups by checking the box next to the group.
  7. Click Save.

What To Expect

The next time this policy is run on the managed computers, a remediation job will be created for each computer that has any of these rules out of compliance. These jobs computers are analyzed the policy will check for a configured remediation action for any non-compliant result.  The policy will then generate a task for each computer with commands to attempt to bring it into compliance. These tasks must be approved before they will be delivered to run on the computers. For more information on approvals, see Approving Remediationremediation.