Configuring Remediation Actions

Owned by Anonymous
Last updated: Aug 05, 2015 by Max Pinion (Deactivated)
2 min read

After security configuration assessment, there may be settings that do not comply with the SCAP profile that was used. Many of these settings can be adjusted by Security Analysis Solution. However, this is not done by default. You must first enable remediation of the policy, then decide which rules you want to have fixed within each policy.

Define Remediation Actions

  1. Select a Security Analysis and Remediation Policy that you have created. See Create a Security Analysis Policy if this step hasn't been performed.
  2. Click on the Policy Configuration secondary tab just below the main console tabs.
  3. Ensure that the Remediate after analysis option is checked on the General section.
  4. Select the desired Approval type under Remediate after analysis.
  5. Click on the Remediation Actions secondary tab just below the main console tabs.
  6. Check the box next to each profile rule that you wish to have remediated.
    • Optionally, you can select an alternate client task that you have previously defined to be performed when this rule is out of compliance. You may also select entire groups by checking the box next to the group.
  7. Click Save.

What To Expect

The next time the managed computers are analyzed the policy will check for a configured remediation action for any non-compliant result.  The policy will then generate a task for each computer with commands to attempt to bring it into compliance. These tasks must be approved before they will be run on the computers. For more information on approvals, see Approving remediation.