Walkthrough: Loading compliance content

This topic walks you through the process of loading compliance content. It includes the following sections:

The video at right demonstrates the process of installing compliance content.

Introduction

This topic is intended for system administrators who are in charge of enforcing regulatory compliance in the data center.

The goal of this topic is to demonstrate how to install out-of-the-box Compliance Content libraries into BMC Server Automation (BSA), so that you can use the component templates in these libraries as the basis for analyzing regulatory compliance in your data center.  

What is compliance content?

BMC Server Automation Compliance Content libraries contain rule sets to automatically analyze the compliance of servers with regulatory standards and best-practice policies, including HIPAA, DISA STIG, SOX, PCI, and CIS. Results from analyses performed based on Compliance Content component templates can be used both to document the current situation (that is, to generate compliance reports) and as a basis for bringing non-compliant servers into full compliance with the standard (that is, to perform compliance remediation).

For more information, see Overview of Compliance Content add-ons.

What do I need to do before I get started?

  • This example assumes that you have already performed the following tasks in your BSA environment:
  • For this walkthrough, we have logged on as BLAdmin, the default superuser for BSA.  Note that in live deployments, BMC recommends that you grant access based on roles with a narrower set of permissions. Ensure that the role that you use has permission to write to the Component Templates and Depot folders and to create properties in component templates and depot files.

How to load compliance content

 This section walks you through the process of installing and loading compliance content into the BSA Application Server on a Microsoft Windows computer:

  Procedure Example screen

1

In the temporary folder where you stored the BMC Server Automation installers that you downloaded from the EPD site, locate the Compliance Content installation executable file. This file has a name such as Content86-WIN, depending on the exact version number and operating system.

Run the Compliance Content installation executable file to launch the Compliance Content installation wizard.

2

Click Next on the Welcome page.

3

Select I agree to the terms of the license agreement, and then click Next.
4 Choose a profile and specify a BMC Server Automation user and password for loading the compliance content, and then click Next.
5 Accept the detected Application Server host name where compliance content will be loaded, and then click Next.
6 To view the variety of component templates that are installed by the Compliance Content installer or to select which ones to install, choose a Custom installation, and then click Next.
7 From the tree display select the policies and operating systems for which you want component templates for the analysis of regulatory compliance, and then click Next.
8 Accept the default location for the temporary directory where compliance content will be extracted or specify a different location, and then click Next.
9 On the Preview page click Install.
10

After installation has completed (this might take some time, depending on how many component templates you selected to install), you can optionally click View Log to open the installation log.

To exit the installation wizard, click Done.

11 To verify that the Compliance Content libraries have loaded successfully, open the Component Templates folder in the BMC Server Automation console and browse through the newly created subfolders of component templates for the various policies.

For more detailed installation instructions (including silent installation), see Installing Compliance Content add-ons.

Wrapping it up

Congratulations! You have successfully loaded compliance content libraries. The component templates provided in these libraries are ready for use in policy-based compliance analyses, as described in Walkthrough: Compliance audit based on a policy.

Where to go from here

For an example of a policy-based compliance audit, see Walkthrough: Compliance audit based on a policy.

Was this page helpful? Yes No Submitting... Thank you

Comments