This is a quick and easy way to build a policy. You'll select a host that has already been scanned for compliance, and we'll build the policy for you based on the latest compliance findings for the host. We'll add controls to the policy and even organize them into sections.
Step 1: Open the policy editor
Choose Policy Compliance from the application picker. Then go to Policies > New > Policy > Create from Host.
Step 2: Select a host
Select the host you want to base your policy on, and then click Next. Note - This list will be empty if you haven't run any compliance scans.
Step 3: Give your policy a name
Enter a policy name, and then click Create.
The policy is created with technologies and controls. We'll add controls that have been previously evaluated for the host and we'll set control values based on the actual values on the host. Feel free to make changes - add more technologies or controls, edit control values or change the organization.
Note - If multiple scanned instances of a technology are found for the host, then you will be prompted to select a single instance to use for the policy. For example, let’s say the host has multiple scanned instances of Oracle 11g on different ports. You’ll need to pick one instance of this technology to continue.
Step 4: Assign assets and click Save
Tell us which hosts you want to analyze for compliance against this policy. You do this by assigning one or more asset groups to the policy. Tip - Make sure the hosts you add are relevant to the policy technologies. Then click Save. Your new policy will appear on the policies list.