Policy templates let you quickly and easily determine the compliance of your entire enterprise with your security policies. Each policy template contains multiple security checks designed to search for a specific set of issues. Secure Configuration Manager includes a large number of built-in policy templates, organized in the following categories: Regulations, Bulletins, and Best Practices. For example, under Best Practices, the CIS Benchmark policy templates include security checks based on recommendations from the Center for Internet Security (CIS) and are certified by CIS.
Many built-in policy templates use the same security check multiple times to validate different system settings. When the template contains multiple instances of the same check, each instance can be identified by a unique name, or Check Alias. For example, the CIS Level One Benchmark for Windows Server policy template includes multiple instances of the User rights security check. The alias for the first User rights instance is “4.2.1 Access this computer from the network” to indicate that the check validates the status of network logon privileges on the endpoint. The second instance, “4.2.10 Create a pagefile,” validates privileges for creating page files.
You can modify the built-in policy templates or create new templates to express corporate technical standards and current industry standards.
The following table shows where you can learn more about policy templates.
|
If you want to ... |
See ... |
|---|---|
|
Understand how security checks score results |
|
|
Modify a built-in policy template |
|
|
Create a custom policy template |
|
|
Compare the results for policy template runs |
|
|
Evaluate endpoints based on policy template results |
|
|
Learn more about the AutoSync server |
|
|
Learn more about managing permissions in the console |