20.0 Creating Exceptions within an Assessment Report

You must have specific permissions to perform this function. For more information, speak to the Secure Configuration Manager administrator.

When viewing an assessment report for a policy template run, you can create exceptions for the endpoints, groups of endpoints, and security checks in the report. The Web console can then regenerate the report to apply the exceptions, if the exception does not need to be approved. The updated report shows Applied in the Exceptions column in Reports > Assessment Reports.

NOTE:You can also create exceptions without running a policy template against the desired endpoints.

For more information, see the NetIQ Secure Configuration Manager documentation.

To create an exception from an assessment report:

  1. Open the assessment report for the policy template for which you want to make the exception.

  2. (Conditional) To make an exception based on a security check, select the Security Checks tab.

    The Create exception wizard prompts you later to specify the endpoints or groups that you want to associate with the selected security checks.

  3. (Conditional) To make an exception based on an endpoint or group, select the Endpoints tab.

    The Create exception wizard prompts you later to specify the security checks that you want to associate with the selected endpoints or groups.

  4. Select the security checks or endpoints that you want to except, then click Create exception.

  5. (Conditional) If you selected security checks in Step 4, specify the endpoints that you want to except from the security check results.

  6. (Conditional) If you selected endpoints or groups in Step 4, specify the security checks whose results you want to exclude from the report.

  7. Click Next.

  8. Specify the Properties of the exception.

  9. (Optional) To create a custom reason, click Add new reason.

    You should also enter a Description of the reason so that other users can understand the reason’s purpose.

  10. Click Enable to activate the exception.

  11. (Optional) To set a time limit on the exception, specify start and end dates.

    If you do not specify a value for End date, the exception never expires.

  12. Click Create.

  13. (Optional) Create another exception.

  14. To apply the exceptions, click ... > Apply exceptions.

    NOTE:In some organizations, exceptions must be approved before they can go into effect in an assessment report.

  15. To view the report with exceptions applied, return to Reports > Assessment Reports and open the report, which should now say Applied in the Exceptions column.

    You can also edit the exception within the report.