Secure Configuration Manager can help you automate much of the policy compliance effort through scheduled policy templates and automatic out-of-compliance notifications. To help your remediation efforts when endpoints fall out of compliance, Secure Configuration Manager can send emails to users, distribution lists, and change management systems.
NOTE:A console user can override the settings for compliance notifications in the Core Services Configuration Utility by selecting or deselecting the Enable e-mail compliance alerts option in the Run Policy Template and Run Security Check wizards.
If your organization includes systems that contain highly sensitive information or that must be continuously operational, you might want to be notified when report results indicate that an endpoint poses a security or operational risk. You can configure Secure Configuration Manager to send email notifications to individuals and distribution lists when endpoints become out of compliance with policy templates. By default, Secure Configuration Manager sends out-of-compliance notifications to the email address in the endpoint properties Contact Email field. For more information about adding an email address to an endpoint, see Section 2.5, Working with Endpoints.
NOTE:Out of Compliance email alerts include a link to the specified endpoint’s results in the Security Checkup Results Viewer. For more information, see Section 5.6, Using the Security Checkup Results Viewer for Evaluation.
To send email notifications to users:
On the Core Services computer, start the Core Services Configuration Utility in the NetIQ Secure Configuration Manager program folder.
On the Out of Compliance Alerts tab, set the Enable Email Alerts field to True.
Specify the appropriate value for each field.
Click OK to save the changes and close the Configuration Utility.
For best performance, restart both the NetIQ Core Services service and the console.
Every organization has complex workflows and change management processes that require adherence. Sending out-of-compliance alerts to a change management ticketing system uses your company-defined workflow to quickly address assets that fall out of compliance with policy templates.
NOTE:Out of Compliance email alerts include a link to the specified endpoint’s results in the Security Checkup Results Viewer. For more information, see Section 5.6, Using the Security Checkup Results Viewer for Evaluation.
To send an email notification to a change management system:
On the Core Services computer, start the Core Services Configuration Utility in the NetIQ Secure Configuration Manager program folder.
On the Out of Compliance Alerts tab, set the Enable Email Alerts field to True.
In the Email Change Management System field, specify the email address of the third-party change management system you want to notify when endpoints are out of compliance.
Click OK to save the changes and close the Configuration Utility.
For best performance, restart both the NetIQ Core Services service and the console.