Desired compliance
Set your desired compliance. This is the benchmark and profile that you assign to a particular node and that is scanned on that node by default. Generally, you set compliance only once for your nodes.
By default, Comply automatically assigns an appropriate benchmark for each operating system, along with a Level 1 profile, to nodes that have not been set based on fact information from PE. Accepting this option is the quickest way to get up and running with desired compliance.
The ✔️ sign in the Profile assigned column on the Inventory page tells you that the desired compliance is set. You can view the node's information, including its assigned benchmark and profile, by clicking on the row assigned to the node. To change a node's desired compliance, follow the instructions in Manually set desired compliance. You can also follow the manual instructions to assign a different benchmark and profile to a node, or to assign a custom profile.
Manually set desired compliance
If you don't want to use the benchmark and profile that Comply assigns automatically to your node, you can set the benchmark and profile that you prefer from the Inventory page.
You can also bulk assign desired compliance to a batch of nodes if the nodes are running on the same operating system, and the latest version of the CIS-CAT Pro Assessor is installed on each node.
-
On the Inventory page of Comply, click the check-boxes of the nodes for which you want to specify desired compliance.
-
In the toolbar at the top of the page, click Actions > Set desired compliance.
-
Choose the CIS Benchmark and profile that you want to assign to the node using the drop-down menus.
-
If you have created a custom profile, you can set it as the desired compliance by clicking Use an associated custom profile?
-
Click Update.