Policy scanning is a verification against a list of best practices, called benchmarks, of OS configurations.
Note: We use CIS benchmarks , world recognized best security configuration practices.
Policy scanning can be accessed within Security Center > Network scan and requires it's own scanning profile to be set up in order to work properly.
Requirements
- Policy scanning requires scanning profiles to be set up with credentials to access the assets
- You cannot mix Windows and Linux assets in a single scan
- You need separate policy scanning profiles for Linux and Windows systems
- Microsoft Windows assets requires the WinRM 2.0 (Microsoft Windows Remote Management) to be enabled and port 5985/tcp to be accessible (access granted in firewall)
- Linux/Unix assets requires Secure Shell (SSH) to be enabled and accessible
Notes
WinRM port 5985/tcp on Microsoft Windows is a HTTP port. The actual transferred SOAP data is, however, already encrypted to secure the data sent and received.
You can setup several policy scanning profiles with different authentication records if you are using different accounts among different assets
Microsoft Windows assets
Creating policy scanning profile
- Create a policy scanning profile
- Select a Microsoft Windows policy template
- Apply authentication details for your Microsoft Windows assets
- Username
- Password
- Domain (optional)
- Save
Scanning Linux/Unix assets
Creating policy scanning profile
- Create a policy scanning profile
- Select a Linux/Unix policy template
- Apply authentication details for your Linux/Unix assets
- SSH Port
- Username
- Password
- or use Private Key together with a Passphrase
- Save
You can find more information about setting up your Policy profiles in this article:
How do I create a Policy profile?
0 Comments