3.4 Best Practice Recommendations

NetIQ recommends scheduling the SCAP policy templates and report output to run on a regular basis. However, the CyberScope Data Feed scheduled job requires that the Secure Configuration Manager database contain the latest policy template results for your SCAP endpoints. To avoid running SCAP policy templates at the same time that the CyberScope Data Feed job queries data results, ensure that the endpoint results already exist in the database. Use the following checklist as a guide to properly configure Secure Configuration Manager to report the latest endpoint results.

 

Checklist Items

To determine the average interval of time required between running policy templates and running the data feed report, run the SCAP policy templates for your online endpoints. Note the elapsed time between the start and completion of the runs. You can choose to run multiple templates concurrently.

Schedule the runs for the SCAP policy templates.

Determine the dates and times that you want to assess offline computers and to import the results to the Secure Configuration Manager database.

Schedule the CyberScope Data Feed job to run after the completion of the SCAP policy template runs and after the planned import of offline assessment data.