Beginner’s guide to Security Compliance Management
Welcome to the Beginner’s guide to Security Compliance Management! As a new user, you'll need to perform some initial installation and configuration tasks, and then we'll show you how to use the core features of Security Compliance Management.
You're just a few steps away from enforcing compliant configurations across your infrastructure. Before you begin, we recommend familiarizing yourself with our Security Compliance Management terminology and Security Compliance Management overview.
Step 1: Install and configure Security Compliance Management
Use the main documentation to install and configure Security Compliance Management. If you have completed these steps, proceed to step 2.
Step 2: Set desired compliance
Desired compliance is the benchmark and profile that you to assign to a particular node. It is what is scanned on that node by default. Most of the time, you only need to set this once for your nodes.
Based on fact information from Puppet Enterprise, Security Compliance Management automatically assigns an appropriate benchmark for each operating system, along with a Level 1 profile, to nodes that have not been set. Accepting this option is the quickest way to get up and running with desired compliance.
Alternatively, you can manually choose your own benchmark and profiles. For more information, see Manually set desired compliance.
Step 3: Run a CIS scan
You are now ready to run a scan.
This topic describes how to run an initial ad hoc scan.
Congratulations! You've completed the Beginner’s guide to Security Compliance Management. You're now familiar with the core features and know how to run CIS scans with Security Compliance Management. To find out how you can enforce and automate CIS benchmarks on your failing nodes, see Enforce CIS and STIG best practices.
Related information