Configuring Compliance Checks

If you subscribe to the BSA Essentials Subscription Services, you have access to dozens of compliance rules and their components, known by content developers as compliance checks.

The kinds of checks you have access to depends on your content subscription, but can include such checks as the latest patch supplements for Microsoft Windows, current regulatory compliance policies (for example, FISMA, Sarbanes-Oxley), user-created checks distributed by the content developer community, daily updated vulnerability content, and so on.

If you do not subscribe to BSA Essentials Subscription Services, you will not see any compliance checks in your audits, audit policies, snapshots, or the Compliance Check Editor. If you would like more information on content subscriptions and obtaining compliance checks, contact your BSA Essentials Subscription Services sales representative.

While each compliance check is slightly different and requires its own configuration values, the basic parameters for each check require that you define the Target Value — the expected value you want to find on the server — and an optional Remediation Value.

For more information on managing your core’s compliance checks, such as editing check property data or creating compliance check groupings, see Compliance checks .

To configure compliance checks in audits or snapshot specifications:

  1. Create an audit or snapshot using one of the methods described in Creating an audit . (If you want to create this rule for a snapshot specification, see Creating a snapshot specification .)
  2. Select an Audit Source: Server, Snapshot, Snapshot Specification, or No Source.
  3. In the Audit window, from the Views pane expand the Rules object.
  4. Select the Compliance Checks rule.
  5. In the content pane of the Audit window, click Add .
  6. In the Select Check window, from the Browse tab, you can browse for the compliance checks categories and select a check for the audit or snapshot.

    Alternately, you can select the Search tab and search for check by name. The check search tool searches on the name of a check and any words in a check’s description. For example, if you wanted to find all rules that check for maximum password length, you could enter max password in the Keywords field.

    The Advanced search option allows you to set more specific parameters to find checks.
  7. When you select a check (or multiple checks using CTRL or SHIFT + click), click OK to add the checks to your audit.
  8. Select the check and then define or set the following parameters:
    • Input Value
    • Some custom checks require an input value as part of the configuration of the target value. For those checks, you will need to specify a success or failure which you can set to true or false. The Description section of the audit rule explains the recommended values.
    • Target Value
    • Specify the value that you expect to be on the target server or servers of the audit, or the value you want to capture in a snapshot. You can change the following parameters:
    • Operator: To build an expression from the output of the script, choose an Operator, such as equals (=), not equals (<>), less than (<), greater than (>), and so on.
    • Reference: Choose the source of the script output.
    • Source: This will use the value from the source server and compare that value to with the value found on the target server or servers.
    • Value: Enter your own value. This option uses the value you enter and compares it with the value returned on the target server. Click the icon get the value from the source server. The returned value is displayed in the text box, which you can accept as is or edit as needed.
    • Server Attribute: Select to compare a server attribute located on the source server.
    • Custom Attribute: Select to compare a custom attribute found on the target server.
    • Remediation Value: Each remediation value setting will be different depending on the type of rule, so choose accordingly.
  9. To finish configuring the audit, set the target servers, the schedule, and the notification for the audit.
  10. To save the audit, from the File menu, select Save. You can also save the Audit as a policy.See Saving an Audit or a Snapshot Specification as an Audit Policy.
  11. To run the audit, from the Actions menu, select Run Audit. See Running an audit .