Creating a Policy
Creating a Security Analysis policy
Requirements
- You must have at least one profile imported to create a policy. See Security Profiles to complete this step.
- You must have at least one computer under management that meets the profile's intended target and it must have completed the Common Platform Enumeration (CPE) analysis task before it will exist in the computer filter related to the profile's intended target. See Verifying CPE Filter Membership to verify.
Steps
- Visit the Policies tab and navigate to the Security Analysis folder.
- Right-click on the Security Analysis folder and select New > Security Analysis Remediation Policy
- Enter a name for this policy.
- Select a profile that was imported earlier. The Applies To section should get updated with the computer filter described in the previous section.
- Select a scoring model.
- Click on the Schedule tab in the Settings section and define when the assessment should run.
- Click Save.
Next Steps
- Remediation actions must be selected on a per-rule basis before any remediation is performed. See Configuring Remediation Actions for more information.
- Once remediation actions have been defined within the policy and results have been gathered on the managed computers, the remediation job must be approved before delivered to the computers. See Approving Remediation for more information.