When you run a policy template, Secure Configuration Manager compares all the endpoints you specify to all the preferred security settings listed in the security checks of the policy template. When running a policy template against a group of endpoints, Secure Configuration Manager checks each endpoint in the group for each security check in the policy template. Secure Configuration Manager runs only the security checks that apply to the endpoint type. For example, security checks related to Active Directory run only on Windows computers.
You can run policy templates at any time. To gather data for a specific period of time, you can run reports from the database rather than have the agent collect current data from the endpoint. The database maintains results from previous runs of each policy template. If you want to detect changes to systems in your enterprise and ensure that a positive trend for compliance with your organizational security policies, you can schedule policy templates to run on a regular basis. You can compare results for each run using the delta report function. For more information about gathering security check or policy template data from the database, see Running Reports from the Database. For more information about delta reporting, see Section 10.0, Comparing Results of Assessments. For more information about scheduling, see Running Assessments on a Schedule.
If you do not know which policy templates or security checks you want to run, you can initiate a search based on several criteria. For example, you can search for policy templates based on keywords in the name or description, or in the name, description, or explanation of the security checks in the template. You can also search for security checks based on keyword, platform, category, and other criteria.
The time it takes to run a security check or policy template varies, depending on the number of checks and endpoints you select. Ensure that the report is complete before you view the resulting report in the Completed jobs queue. You can print or distribute the completed report to present compliance status results or to use as a remediation checklist. For more information about completed reports, see Viewing Assessment Results. For more information about distributing a copy of the report, see Enabling Report Distribution.
To run a policy template, your console user account needs the Run Policy Template permission. For more information, see Managing Permissions.
To run a policy template in the Web console, start from Manage > Endpoints or Assess > Policy Templates. For more information, see the Help in the Web console.
To view the available policy templates, see Knowledge > Policy Templates.
To run a policy template in the Windows console, select Security Knowledge > Policy Templates. For more information, see the Help in the Windows console.