Defining SCAP job deviations

This step allows you to specify SCAP rule deviations. A rule deviation is a rule for which it does not matter, if it succeeds or fails on the targets, as its scan results are considered as passed in global compliance.

Some rules that are included in the benchmarks can be specified as deviations, because, for example, they are not applicable to a specific operating systems, or a specific rule currently is not applicable for your internal regulations, and so on.

These deviations can be modified at any moment and can also have a deadline. This means that for example a rule is considered a deviation until December 31st, because until then a specific requirement is not applied in your organization, but from the 1st of January onwards it will be. Once the expiration date is reached, the deviation is automatically removed and the rule result included in the global compliance.

Note:

Be aware that this does not impact any scans and reports already run before the expiration date, these remain as they are.

To declare a rule a deviation proceed as follows:

  1. Click Add SCAP Rule Deviation link.pngon top of the list box.
     The SCAP Rule Deviation dialog box appears.
  2. Select the rule to specify as deviation.You can select more than one rule at a time by holding the CTRL key while selecting.
  3. Optional: Click the calendar calendar3.pngicon, if the rule deviation is to expire at a specific date. If the deviation is unlimited, do not modify this box.To clear the expiration date click no.png.
  4. Enter an explanation into the Notes box, why this rule is to be a deviation.The contents of this text box is used in the SCAP job result report for explanation.
  5. Click OK to add it to the list of deviations and close the window.
  6. Click Next to continue with the definition of the SCAP job schedule.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*