Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Creating a Benchmark Profile

SUMMARY To create Center for Internet Security compliance scans, you must configure benchmark profiles. You use CIS compliance scans to test for Windows and Red Hat Enterprise Linux CIS benchmark compliance.

  1. Click the Vulnerabilities tab.
  2. In the navigation pane, click Administrative > Scan Profiles.
  3. On the toolbar, click Add Benchmark.
  4. If you want to use pre-defined centralized credentials, select the Use Centralized Credentials checkbox .

    Credentials that are used to scan Linux operating systems must have root privileges. Credentials that are used to scan Windows operating systems must have administrator privileges.

  5. If you are not using dynamic scanning, select a JSA Vulnerability Manager scanner from the Scan Server list.
  6. To enable dynamic scanning, click the Dynamic server selection checkbox.

    If you configured domains in the Domain Management window in the Admin tab, you can select a domain from the Domain list. Only assets within the CIDR ranges and domains that are configured for your scanners are scanned.

  7. In the When To Scan tab, set the run schedule, scan start time, and any pre-defined operational windows.
  8. In the Email tab, define what information to send about this scan and to whom to send it.
  9. If you are not using centralized credentials, add the credentials that the scan requires in the Additional Credentials tab.

    Credentials that are used to scan Linux operating systems must have root privileges. Credentials that are used to scan Windows operating systems must have administrator privileges.

  10. Click Save.