Configuring Remediation Actions
Purpose
After security configuration assessment, there may be settings that do not comply with the SCAP profile that was used. Many of these settings can be adjusted by Security Analysis Solution (SAS). However, this is not done by default. You must first enable remediation of the policy, then decide which rules you want to have fixed within each policy.
Define
...
remediation actions
To define remediation actions, do the following steps:
- Select a Security Analysis and Remediation Policy that you have created. See [EDITING] If you haven't done this step, go to Create a Security Analysis Policy if this step hasn't been performedpolicy.
- Click on the Policy Configuration secondary tab just below the main console tabs.
- Ensure that the Under the General section, select the Remediate after analysis check box.
- Under Remediate after analysis option is checked on the General section, select the desired Approval type.
- Click on the Remediation Actions secondary tab just below the main console tabs.
- Check Select the box check boxes next to each profile rule that you wish want to have remediatedremediate.
- Optionally, you can select an alternate client task that you have previously defined to be performed when this rule is out of compliance. You may also select entire groups by checking the box next to the group.
- Click Save.
What
...
to expect
The next time this policy is run on the managed computers, a remediation job will be created for each computer that has any of these rules out of compliance. These jobs computers are analyzed the policy will check for a configured remediation action for any non-compliant result. The policy will then generate a task for each computer with commands to attempt to bring it into compliance. These tasks must be approved before they will be delivered to run on the computers. For more information on approvals, see [EDITING] Approving Remediationremediation.