Sign up to receive SCM email updates (restricted to .mil email addresses)
Return to Gap Analysis
Current Process Overview - Policy created dictates Security Technical Implementation Guides (STIGs)
- STIGs are written and maintained by DISA Field Support Office (FSO)
- System Administrator must manually download STIGs or rely on interim fixes like Gold Disk to evaluate compliance of given asset
- System Administrators need to manually check settings (there are 261 checks in the latest version of Windows 7 STIG) FOR EACH Asset
|
SCM Process Overview - Agents exist on managed assets on network
- Compliance checking can be managed from one central place FOR ALL NETWORK assets
- Agents downloads compliance check information in standardized (SCAP) format
- Agents report back compliance results continuously
- Network Situational Awareness
|