Home
Payment Card Industry (PCI) Add-on User Guide
BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Understanding the results in BigFix Compliance Analytics
Use BigFix Compliance Analytics (formerly known as Security and Compliance Analytics or SCA) to navigate and explore security configuration check results.
Creating exceptions
You can file for the endpoint to be excluded from the PCI DSS checks if some endpoints require compliance to older policies or standards.

Payment Card Industry (PCI) Add-on User Guide
BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
- Overview
  HCL BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based on the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
- Setup
  Complete configuration steps to access the PCI DSS checklists and checks and ensure accurate relevance evaluation on the endpoints.
- Using checks and checklists
  The check Fixlets in Configuration Management checklists assess an endpoint against a configuration standard. Many check Fixlets have a corresponding analysis, sometimes referred to as measured values, that report the value of the element that the check Fixlet evaluates.
- Understanding the results in BigFix Compliance Analytics
  Use BigFix Compliance Analytics (formerly known as Security and Compliance Analytics or SCA) to navigate and explore security configuration check results.
  - Starting BigFix Compliance Analytics
    Use any of the supported web browsers to open the web-based application.
  - Importing data to BigFix Compliance Analytics
    Depending on your configuration, the Extract Transform and Load (ETL) process that computes the compliance status of each check and checklist could take a long time. To ensure that you are viewing the latest reports, verify that the imports are configured to run automatically and that a recent import has completed successfully.
  - Viewing reports from BigFix Compliance Analytics
    BigFix Compliance Analytics displays reports that contain the compliance status of your deployment. Each PCI DSS checklist and its checks are exported periodically into Compliance Analytics.
  - Viewing PCI DSS compliance results
    This section shows how you can view the results of PCI DSS compliance at a checklist, checks, and check results levels.
  - Creating exceptions
    You can file for the endpoint to be excluded from the PCI DSS checks if some endpoints require compliance to older policies or standards.
- Resources
  You can find more information about Security Configuration Management and PCI DSS in the following resources.

Creating exceptions

You can file for the endpoint to be excluded from the PCI DSS checks if some endpoints require compliance to older policies or standards.

About this task

Security and Compliance Analytics (SCA), which is now known as BigFix Compliance Analytics, provides a separate interface for Exception Management where you can set exceptions to exclude data from your compliance reports.

To access the Exceptions interface, click Management > Exceptions.

You can create and edit exceptions for checks, computers, computer groups, and checklists with or without an expiration date.