5 Replies Latest reply on Mar 18, 2013 7:38 PM by Bill Robinson


      Good Morning....


      I am new to the tool. I am looking to take either a snapshot or a Template of our Windows server that has been STIG so that I can run as the master to update other servers. I would like to hear other users experience doing the same thing and what method they would recommand.


      Thanks Bob

        • 1. Re: Bladelogic
          Atul Gaikwad

          Hi Bob,


          The Audit job is designed to compare the master with other targets and remediate the targets to be compliant with master

          The Audit job can be created from a Component Template, Live Browse, or from an snapshot


          Please mark answer  correct if your problem solved



          Atul Gaikwad

          1 of 1 people found this helpful
          • 2. Re: Bladelogic
            Joe Piotrowski

            There are pros and cons to both. You can quickly take a Snapshot of server parts, and compare that Snapshot against other servers to see the differences. As Atul stated, you can easily "sync with master" on many of those objects (but not all) to make the servers like the master one.


            Component Templates take longer to set up but they are more powerful. You can add logic conditions to your imported parts (for example, does this registry key exist and does the value equal this number) and easily create remediation BLPackages. Whether they are imported server parts, scripts, software installations, etc.

            • 3. Re: Bladelogic
              Bill Robinson

              robert - there are out of the box component templates provided for the stig that you can use to bring your servers into compliance.  have you looked into use those ?  then are available for download on the epd.

              • 4. Re: Bladelogic



                I am using the SCAP for compliance (windows). What I would like to do is run the SCAP against my servers and then go back and remediate the non-compliant issues. I know I can modify the out of the box templates but I would have to use the ootb template which makes my servers less compliant. Any ideas would be appreciated.


                Thanks Bob

                • 5. Re: Bladelogic
                  Bill Robinson

                  unfortunately scap doesn't support remediation.  so you would need to modify your templates w/ the matching rules from scap and build remediations from there. or you need to buld the blpackages, and manually correlate which packages needs to get deployed based on your scap results.