The Assets tab displays four sections for assets: Compliant, Non-Compliant, Not Assessed and Excluded assets.

Click each section to review the assets. You can view the listed devices for each asset along with information about the device: VM name, the last time the device was assessed, and the OS for the device. You can also view the compliance percentage for the compliant and non-compliant assets.

Filter the data using the search bar or using the OS or Sensor version filters.

Sort the data using the VM name, OS, sensor version and last check-in time columns.

VM Compliance

In the Compliant and Non-compliant sections, a Compliance column displays the compliance percentage of the device.

Click the percentage to view the recommendations in the VM Compliance table.

In the VM Compliance table, you can view the compliant and non-compliant assets by using the View dropdown menu. The name and OS version of the asset display at the top of the VM Compliance table.

Use the Search bar to search for CIS recommendations. For example, search for Windows firewall or public logging.

Procedure

  1. Select a CIS recommendation to view the benchmark details on the right-side pane of the table.
  2. Use the table options to change the number of items to view.

Not Assessed Assets

The Not Assessed tab lists all assets with the supported OS version by the selected Benchmark set.

Click the Not Assessed tab to view a list of assets with the supported OS version by the selected Benchmark set.

The Reason column lists the reasons for not assessing the asset:
  • Out-of-date sensor version: When the sensor version is not supported.
  • Not in domain controller: If the asset is not a domain controller or a member of an Active Directory.
  • Assessment scheduled: When the asset is eligible for the assessment but must wait for the next schedule scan.

To reassess a not assessed asset:

Procedure

  1. Select the check box on the left-hand side. The Actions button displays.
  2. Click Actions to reassess the asset.
    The Actions tab for the non-assessed asset option

Results

If the asset fulfils the pre-requisites and is active, then the reassessment triggers an on-demand scan. The asset moves to the Compliant tab or the Non-Compliant tab based on the scan results.

Exclude an Asset

Use this procedure to exclude an asset from assessment.

Procedure

  1. In the VM name column, select the checkbox next to the asset.
  2. Click the Actions dropdown menu.
  3. Select Exclude from Assessment.
    The Actions tab displays the exclude from assessment option
  4. Click Exclude when you are asked whether you want to exclude the asset.

Results

The asset moves to the Excluded section and is not assessed against any CIS benchmarks.

Include an Asset

You can move an asset from the Excluded section to include it for reassessment.

Procedure

  1. In the VM name column, select the checkbox next to the asset.
  2. Click the Actions dropdown menu.
  3. Select Include for Assessment.
  4. Click Include when you are asked whether you want to include the asset.

Results

The asset is included for assessment against the CIS benchmarks.

Export Recommendations Report

Use the Export button to download compliance data. You can do this in both the VM Workloads and Recommendations tabs.

Procedure

  1. Select the column to download.
  2. Click Export at the top right of the page.

What to do next

A message displays in the Notifications tab when the export is available to download.