Configure remediation actions

After security configuration assessment, there may be settings that do not comply with the SCAP profile that was used. Many of these settings can be adjusted by Security Analysis Solution (SAS). However, this is not done by default. You must first enable remediation of the policy, then decide which rules you want to have fixed within each policy.

Define remediation actions

To define remediation actions, do the following steps:

1. Select a Security Analysis and Remediation Policy that you have created. If you haven't done this step, go to Create a Security Analysis policy.
2. Click the Policy Configuration secondary tab just below the main console tabs.
3. Under the General section, select the Remediate after analysis check box.
4. Under Remediate after analysis, select the desired Approval type.
5. Click the Remediation Actions secondary tab just below the main console tabs.
6. Select the check boxes next to each profile rule that you want to remediate.
   • Optionally, you can select an alternate client task that you have previously defined to be performed when this rule is out of compliance. You may also select entire groups by checking the box next to the group.
7. Click Save.

What to expect

The next time the managed computers are analyzed the policy will check for a configured remediation action for any non-compliant result. The policy will then generate a task for each computer with commands to attempt to bring it into compliance. These tasks must be approved before they will be run on the computers. For more information on approvals, see Approving remediation.