Chapter 4. Managing Compliance Settings
In this chapter we will cover the following:
- Building Configuration Items
- Creating and deploying a baseline
- Leveraging Security Compliance Manager
- Monitoring compliance with SSRS
Introduction
Compliance settings in CM12—known as Desired Configuration Management (DCM) in CM07—have taken on an important new feature: Remediation. Remediation uses local policy just as active directory uses group policies. With CM12, it is now possible to not only create a list of settings, but to enforce them as well.
There are a variety of ways to use compliance settings. One you are already aware of is Software Updates, which are nothing more than a bunch of Configuration Items (CIs) downloaded from Microsoft. When you bundle them ...
Get Microsoft System Center 2012 Configuration Manager: Administration Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.