×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Space banner

   

This version of the product has reached end of support. The documentation is available for your convenience. However, you must be logged in to access it. You will not be able to leave comments.
BMC Client Management 12.8 ... Using Managing compliance Scap job wizard

Defining the SCAP job

In this first step, the SCAP job and all its specific parameters must be defined.

Note:

Be aware, that you need to already have downloaded the package you want to use, for example from the [ NVD (National Vulnerability Database) of the NIST (National Institute of Standards and Technology)|http://web.nvd.nist.gov/view/ncp/repository] website, before you can define a SCAP job. It would even be easier, if you had not only downloaded but already imported it into CM , however, this is not mandatory, it can also be done during the SCAP job wizard.

To do so, proceed as follows:

  1. Enter a self-explicatory name for the new SCAP job into the Name box.

    If you leave this text box empty, it is automatically filled with the name of the benchmark once you selected it.

  2. Optional: Enter some additional explanation into the Notes box.
  3. Optional: Select the directory in which the new SCAP job is to be created in the Folder box. By default it is created directly under the main node.
  4. Define which SCAP package to use. For this you have two options, either to use a package you already downloaded and put at disposal or you can download a new one. To use an existing one proceed as follows:
    1. Click Use an existing package .
      The Select a SCAP Package displays displaying all packages that are currently available for scanning.
    2. Select the package from the list.
    3. Click OK .
      The package is added into the Name box and all following fields are filled in automatically, if only one choice is available for each. If several choices are available for fields, you need to individually select them.
    4. Optional: Select the data stream to use in the Data Stream box if the package has more than one and you want to use another than the preselected data stream.
    5. Optional: Select the benchmark to use in the Benchmarks box, if the package has more than one and you want to use another than the preselected benchmark.
    6. Optional: Select the profile to use in the Profile box, if the package has more than one and you want to use another than the preselected profile or no profile at all. If you select no profile, all rules in the package are executed. If you select a profile, only the rules included in the profile are run.
  5. To import a new package proceed as follows:
    1. Click Import a new package .
      The Select an SCAP Package appears.
    2. Browse to the directory into which you downloaded the new package and select it.
    3. Click OK .
      The package is unzipped, parsed, added to CM , and added as well into the Name box in this window, and all following fields are filled in automatically, if only one choice is available for each. If several choices are available for fields, you need to individually select them.
    4. Optional: Select the data stream to use in the Data Stream box, if the package has more than one and you want to use another than the preselected data stream.
    5. Optional: Select the benchmark to use in the Benchmarks box, if the package has more than one and you want to use another than the preselected benchmark.
    6. Optional: Select the profile to use in the Profile box, if the package has more than one and you want to use another than the preselected profile or no profile at all. If you select no profile, all rules in the package are executed. If you select a profile, only the rules included in the profile are run.
  6. If the package is all new, click the Validate SCAP Package button, to ensure that the package is compliant with the Schema and Schematron rules.

    It is possible to download SCAP packages from many different sources, therefore it is possible that the downloaded data is not 100% compliant with the Schema (XSD) and Schematron rules. It is therefore important to ensure that the content is compliant, and this validation operation verifies all these Schema and Schematron rules.

    If the package is already verified, the information in the SCAP Package Validation panel indicates it together with the date and time at which the package was verified.

    If the package is not valid, an error window opens. To see the errors click the See Details button. A browser page opens and displays the detailed eror report. If the package is of version 1.0 or 1.1, the SCAP Package Validation window appears. Select the use case for which the package is to be used and click OK .

    Note:

    The use case is normally preselected. Selecting another might lead to a failed package verification.

  7. Select the use case to attribute to this package from the Use Case list.
  8. Click OK .
  9. Click Next to continue with the target selection.
Was this page helpful? Yes No Submitting... Thank you
Last modified by Confluence Admin on May 05, 2016

Comments

Log in or register to comment.

Scap job wizard
Defining the SCAP job targets
© Copyright 2013 - 2021 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.