System & Network Scanning
      Back to home
      1. Knowledge Base
      2. Getting Started
      3. System & Network Scanning

      How do I get started with policy scanning?

      Policy scanning is verification against a list of best practices, called benchmarks, of operative system configurations. Policy scanning is sometimes referred to as system hardening. We use CIS Benchmarks from the Center for Internet Security (CIS), which are a set of globally recognized and consensus-driven best practices to help security practitioners implement and manage their cyber security defenses. To start policy scanning your environment, follow the step-by-step guides.

      1. Review the requirements
      Make sure that your policy scan credentials are correctly configured.
      https://support.holmsecurity.com/knowledge/what-is-policy-scanning-and-what-are-the-requirements-for-policy-scanning

      2. Install a Scanner Appliance

      A Scanner Appliance is used for policy scanning within your local networks behind your firewall. In most environments, using a Scanner Appliance will be mandatory to authenticate on an operative system.
      https://support.holmsecurity.com/knowledge/how-do-i-install-a-scanner-appliance-1

      3. Create an asset (add hosts/IPs)

      Add a host, IP range, or network you want to scan for policies:
      https://support.holmsecurity.com/knowledge/how-do-i-create-one-or-more-hosts

      4. Create a scan profile

      Create a policy scan profile with authentication for the target operating system:
      https://support.holmsecurity.com/knowledge/how-do-i-create-a-policy-profile

      5. Schedule or run only once

      Schedule a scan based on the profile:
      https://support.holmsecurity.com/knowledge/how-do-i-set-up-a-policy-scan