Sicura Logo
Menu

Profiles are groupings of rules that are used to scan systems and enforce their compliance. On startup, the console provides profiles defined by various providers including:

  • CIS (Center for Internet Security)
  • DISA (Defense Information Systems Agency)
  • SSG (SCAP Security Guide)

Each of these providers includes numerous profiles depending on your compliance needs. Any of these profiles can be scanned on any of our various supported platforms, and then enforced either using the console’s built-in enforcement feature, or by using the SIMP Compliance Engine in a Puppet environment.

Scan Profiles

Currently, scan profiles can only be accessed from the Scan dropdown or from the Node Settings/Default Profile selection.

In a future release of the console, a dedicated page will be created to view built-in profiles, create custom ones, and link them to enforcement profiles.

Enforcement Profiles

The enforcement profiles page provides a top-down view of any profile that can be used to enforce settings on a system.

The page is split into 2 sections.

  1. Default

Profiles located under the default tab are populated the first time the console is loaded and will update any time the console is updated to a newer version.

Note: On first startup of a brand new install, it maye take a few minutes for this list to be fully populated. Simply wait until the loading spinner goes away and the table appears before use.

Each profile is listed as an entry in the datatable. In the case you’d like to take a profile and create a custom one from it. Simply click the copy button on the Actions column.

The Actions provides 2 actions to be taken on any default profile.

  • Copy: Creates another custom profile based on the contents of this profile.
  • Download: Downloads the profile as YAML to be used with SIMP Compliance Engine

This will bring up the new profile drawer. Enter in the relavant information before continuing.

Once created click over to the custom tab to continue.

  1. Custom

Whenever you copy a default profile, it will appear in this custom tab. The name, version and description provided can be viewed here as well as the name of the user that created the profile.

Note: Currently only admin users can access enforcement profiles. Profiles will be integrated into the RBAC system in a later release.

The Actions provides 4 actions to be taken on any custom profile.

  • Edit: Opens the edit window for easy manipulation of the profile. (See below)
  • Copy: Creates another custom profile based on the contents of this profile.
  • Download: Downloads the profile as YAML to be used with SIMP Compliance Engine
  • Delete: Removes the profile.

Editing a profile By clicking the edit button on a custom profile, the edit window will appear:

This window provides all the details to a profile including its name, description, creation date, and creator, but also the list of rules contained within that profile.

From here rules can be added or removed as a user sees fit.

Rules can be deleted by either clicking the X to the right of the rule row, or by multi-selecting the rules you don’t want and clicking the Delete Rules button that will appear.

Rules can be added via the + Add Rules button.

This modal will provide the ability to add any rule from any other profile. Either all at once or one by one.

Profiles

This article explains how profiles are used in the Sicura console to scan and enforce compliance rules on systems.

Read Article

Infrastructure

This document provides information on the infrastructure management, node organization, and scan triggering within the Sicura agent, including instructions on accepting/rejecting nodes, creating automation rules, and viewing scan results.

Read Article

Administration

This article provides an overview of the administration options available in the Console UI of the Sicura platform, including authentication providers, groups, users, and roles.

Read Article

Scheduling

This article explains how to use the scheduling feature in SICURA to define repeat scheduled tasks for folders and endpoints.

Read Article

Reports

This article provides an overview of the report generation system in Sicura Console, including the two built-in report generators and the options available for exporting scan results in various formats.

Read Article