×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Client Management 12.2 ... Using Introducing compliance management Custom Compliance Knowledge Center Compliance Rules for Compliance Management Compliance Rules

Compliance Base Information

The compliance evaluation is based on data collected by the CM agent on the network devices which are stored in the central CM database and made available by the master.

Data

The following types of data stored in the CM database can be used to define the compliance of a device:

  • basic device data which is provided directly by the agent of the respective device
  • hardware or software information, which can be found in the hardware and software inventories
  • security settings, which can be found in the security and patch inventories and
  • custom settings, which are collected in the custom inventory.

Some of these inventories such as hardware and software are regularly updated by the agent, others like the custom, security and patch inventory, are filled in with their data by operational rules. Most of the relevant steps for these rules can be found in the following step classes (for more detailed information about the available steps and parameters refer to the respective topic in the Operational Rules section):

  • Security Inventory - This step class collects specific security information about the Windows group policies such as log settings, administrator privileges, security settings, account settings, and so on It also contains a number of steps collecting Unix based security settings, such as run level commands, and so on All this information is collected in the security inventory.
  • Patch Management - Via the steps of this class you can establish the patch inventory of a device, that is, collect the list of missing patches. This information is collected in the patch inventory.
  • Custom Inventory - This class contains any specific type of inventory that you might want to know, such as the registry, ini file or environment values, printer information, and so on All collected information is part of the custom inventory.
  • Monitoring - The steps in this class collect information about installed software, available disk space, memory usage, and so on All this information is collected in the custom inventory.
  • Power Management - This class of steps collects the information about the Power Management or GreenIT settings of the devices, that is, hibernation and shutdown settings, and so on All this information is collected in the custom inventory.
  • Windows - This step class provides steps with which general Windows information and its users can be collected, such as the logged users, registry and service information, and so on All this information is collected in the custom inventory.

The hardware and software inventory and parts of the custom inventory are automatically updated by the CM agent according to a specifically defined schedule. This schedule can be modified in its frequency and specific intermediary updates of the inventories can be requested and executed via operational rules as well. For more information about this subject refer to the Inventory manual.

Classes

All the data available for the compliance criteria as explained in the preceding paragraph is sorted into classes according to their type of origin, that is, by which type of inventory it was collected. In total the following data classes are available:

  • Custom Inventory - this class provides the data for all criteria about the company custom defined inventory data, such as location, asset tags, and so on.
  • Hardware Inventory - this class provides the data for all hardware related criteria.
  • Patch Inventory - this class provides the data for all patch related criteria. Hidden patches will not be taken into account for compliance evaluation.
  • Security Inventory - this class provides the data for all device security related criteria.
  • Software Inventory - this class provides the data for all software related criteria.
  • Basic - this class collects all basic device and general inventory data provided directly by the agent.

Tables

Most of the previously listed classes before collect huge amounts of different types of data. For easier management and usability these were sorted into different tables in a logical way. For example, the hardware inventory is sorted in tables according to the hardware attribute type, that is, BIOS, memory, processor, and so on It is from these tables that the individual criteria are selected for the compliance rules.

Was this page helpful? Yes No Submitting... Thank you
Last modified by Confluence Admin on May 06, 2016

Comments

Log in or register to comment.

Compliance Rules
Compliance Evaluation
© Copyright 2013 - 2020 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use. BMC,the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.