You can convert and import the SCAP benchmarks you download from the NIST web site. You can run these policy templates in the Secure Configuration Manager console to assess endpoints monitored by NetIQ security agents for UNIX and Windows.
You can import any properly formatted SCAP content for the supported endpoint types, and then use the content within Secure Configuration Manager. You can download SCAP content from the NIST Web site. For a current list of sources with SCAP content, see the NetIQ Knowledgebase Article 7771203.
Some data files for SCAP benchmarks contain multiple profiles that specify which security checks are included in the policy template and their associated parameter values. When importing a converted SCAP policy template into Secure Configuration Manager, you can specify which profile you want to import. Secure Configuration Manager places the imported policy templates under the Security Knowledge > Policy Templates > SCAP Templates heading. For more information about working with policy templates, see the NetIQ Secure Configuration Manager User Guide.
NOTE:When using the XCCDF Conversion Utility to import properly formatted XCCDF content into Secure Configuration Manager, if you select the Perform schema validation on selection check box, the console computer must have Internet access.
To convert and import an SCAP benchmark:
Run the XCCDF Conversion Utility.exe file where you installed the component. By default, this file is located in the C:\Program Files (x86)\NetIQ\Secure Configuration Manager\Core Services\XCCDF Converter folder.
In the Source field, browse to the SCAP benchmark that you want to import and click Import.
In the Destination field, browse to the folder where you want to save the specified SCAP template in .tpl format and click Accept.
Double-click the profiles that you want to associate with the SCAP template.
Click Process Content.
Log on to a Secure Configuration Manager console computer with a console user account that has the Import Policy Template permission.
Expand Security Knowledge > Policy Templates.
Right-click Policy Templates, then click Import Policy Template.
Select the policy template that you want to import, then click Open.
Once you determine which policy templates you need to run to generate compliance reports, you can schedule one-time or recurring jobs for each template. Secure Configuration Manager generates a report for each job you run, which you can review in the Job Queues > Completed Jobs pane.
The SCAP module adds an option to the Run Policy Template wizard and the offline assessment feature that enables you to exclude Open Vulnerability and Assessment Language (OVAL) notes for successful checks from the report results. OVAL is a set of standards created by the information security community for assessing and reporting consistent and actionable information about the machine state of a computer system. When you run an SCAP policy template, the OVAL notes in the report provide the logic underlying the pass/fail result for each technical control assessed by the template. For example, if you run the policy template for the first time, you might consider including the OVAL notes to help determine why endpoints fail certain checks. Alternatively, if you have remediated all issues and want to submit a streamlined compliance report, you can select Suppress OVAL Notes in the Policy Template Wizard when you run the template. To suppress the OVAL notes in offline assessment results, see Step 4.
For more information about working with policy templates, see the NetIQ Secure Configuration Manager User Guide.