Security Policies Baselining

Description

Baselining is the process of setting up the common, minimum requirements of an enterprise. This could be for a group of computers or all the computers in the network. When a new computer is added to the domain, the common minimum requirements are installed and applied automatically. This saves a lot of time and effort for the administrators.

Scenario

Assume, you are managing 500 computers using Endpoint Central. All the computers should have few of the security policies, like Secure USB, restricting CD ROM access, etc., that need to be applied. Since you know the basic requirement, you can create a baseline for the security policies and apply it to the required computers or across the network. This ensures that, whenever a new computer is added to the domain, the baseline for security policy gets applied by default.

Steps

To apply the baseline that you have created for security policies, to all the computers or a specific group of computers in your network, follow the steps given below:

1. Click the Configurations tab
2. Under the Add Configurations section, click on Collection and Choose Computer Collection
3. Enter a name and description for the configuration
4. Choose and add the configuration that you have set as baseline for security policies
5. Select the target as domain, if you want to apply the baseline to all the computers in the network, so that if any computers are newly added to the domain, the baseline gets applied automatically.

   If you want the baseline to be applied to a specific group of computers, or computers of a workgroup, then create a Custom Group and apply the baseline to the custom group. If any new computer is added in the workgroup, baseline does not reflect on new computers, untill the computers are manually added to the custom group.

6. Configure the execution settings
7. Click Deploy

   Now, you have successfully set a baseline for the security policies.