Secure Configuration Manager enables you to manage the risks inherent in an IT landscape. First, you must identify and run the security checks and policy templates representing the security and system configuration policies you want to enforce. For more information about running security checks and policy templates, see Section II, Auditing Your Managed Assets. Next, use the reported results to evaluate asset compliance and establish a prioritized remediation plan to protect against the discovered vulnerabilities. Secure Configuration Manager provides a set of evaluation tools to help you determine how well each IT asset in your environment complies with your policies and to streamline the evaluation and remediation process.
With each of these tools, you can browse endpoint data to see exactly which checks in the policy template failed and learn how to remediate the issue.
Available only in the Web console.
Provides a web-based method for executives and system administrators to visualize the compliance and risk status of IT assets in tables or charts and graphs. Users can drill down into the specific security checks to identify where the endpoints fail and determine how to remediate the problems. They can also create and apply exceptions for endpoints and security checks in the viewed policy template results.
For more information, see Using the Web Console for Evaluation.
NOTE:The Web console also supports aggregated reports that combine the results of multiple policy templates run against a wide variety of endpoints. For more information, see Section 8.0, Using Dynamic Reports to Evaluate Endpoints.
Available only in the Windows console.
Provides Windows console users a method for determining which settings on an unknown or noncompliant endpoint vary from a known, secure endpoint so IT managers can more efficiently remediate the issues. Console users can also evaluate changes to an endpoint’s results between policy template runs.
Available only in the Windows console.
Provides Windows console users a starting point in the Secure Configuration Manager console for identifying which IT assets are out of compliance with the enterprise’s security standards, and whether the vulnerability of those systems poses a high, medium, or low risk.
Provides a Web-based interface for executives and managers to view the overall compliance of their IT assets and to perform a more granular assessment of specific groups and computers.
You can also configure Secure Configuration Manager to automatically notify you when an asset falls out of compliance. Receiving notifications can help you expedite the remediation process. If your company uses a change management ticketing system to manage remediation efforts, you can configure Secure Configuration Manager to send an email to your change management system when an asset falls out of compliance.