...
...
Install Security Analysis Solution (SAS)
For instructions on how to install Security Analysis Solution ( SAS), go to Install Arellia Productsto (LINK: Install Thycotic Products).
Import SCAP
...
content
Import Security Content Automation Protocol (SCAP) content into the Arellia Thycotic Management Server (TMS):
- In the Security Manager console, click the Profiles tab.
- In the bottom left pane under Actions, click the Download Profiles... link.
- Locate the system profiles and click the check boxes of those you want to import.
- Click the Import Profiles button to start the import process.
Some profiles have multiple versions listed, depending on which version of the OVAL specification you're interested in analyzing. If you're not sure which version to import, then select the newest version (typically, you don't need more than one version of each profile).
Tip | ||
---|---|---|
| ||
Importing SCAP profiles can be time consuming, taking anywhere from five to ninety minutes depending on the server load and the number of profiles selected. For evaluation or demonstration purposes, we recommend you initially select only one or two profiles. |
Next Steps
Once theRun CPE Analysis Policy
After you import SCAP content, and after new profiles have been initially imported
, the Commonor whenever any new computers come in to be managed, run the Common Platform Enumeration (CPE) Analysis
Policymust be run onPolicy on the managed computers to determine which computers meet the requirements for the imported profiles
imported.
ByBy default, this task is run on the Daily schedule (nightly at 2:00 AM)
. If you would like to hurry this process along, visit the Common Platform Enumeration (CPE) Analysis Policy on the Policies tab under the Security Analysis folder and alter the schedule to suit your needs. This only needs to run once new profiles have been initially imported and whenever any new computers come in to be managed. For more information, see, but you can change the schedule to suit your needs by opening the CPE Analysis Policy in the Security Manager Console as shown in the following screenshot.
For details on how to identify computers and correlate profiles that are applicable to them, go to Targeting Managed Computers.
After the CPE
analysis policyAnalysis Policy has completed and determined which computers fit the requirements of the profiles, then you will
thencreate a Security Analysis and Remediation Policy, where you will select the profile, verify the targets and set the schedule for performing an assessment and possibly remediation. For more information on this process, see
[EDITING]Create a Security Analysis Policy.