Using the Import SCAP Content wizard

Before you begin

Configure your anti-virus and firewall to avoid blocking executable files which facilitate processes that are initiated when importing checklists or generating reports. The details of the processes are as follows.
  • File: SHA256 checksum
    ruby.exe
    62a02cd27eccc8f16e9396459ecb3bdec6dff9ee4bad20fa6b251c908dc74840
    scap2.exe
    cf4f3ae7e675be16b93494ccaf1b1730d90fccb02bba57f66f312242a2dc1187
    scap2results.exe
    dcba8436dad1b2fb9dc67c3872df5150c68d9f152f0897c44a177140e505b4d5
    scap_results.exe
    4f47d9943422371c7b4b16d4e853ad7f03810f9bf274836f8735222fbde2fe4c
    Note: These values are examples of the file checksum function for the SCAP Tools. The value varies with each published release version of the SCAP Tools. For values that are applicable to new SCAP releases, see SCAP Release Notes.
  • File path: [Path_to_Console]/Sites/SCM Reporting

About this task

The Import SCAP Content wizard generates HCL BigFix content from a set of SCAP XML input files into a custom site. The content that is generated includes a Fixlet for each check found in the SCAP checklist.

To find SCAP checklists, see the National Checklist Program Repository. The SCAP Import wizard has been validated for checklists at Tier IV in this repository. The wizard supports checklists designed for the Windows platform.

Procedure

  1. From the Security Configuration Domain, go to All Security Configuration > Import SCAP Content.
  2. Click Select and choose the XCDDF file that will be imported.

  3. When the source content has more than one data stream, you can choose the data stream options from the dropdown menu. Select the data stream to import.
  4. When the source content has more than one benchmark, you can choose the benchmark options from the dropdown menu. Select the benchmark to import.
  5. Select a profile to import from the dropdown menu.
  6. Identify how the issues and errors should be handled. Click to select from the following choices:
    • Strict
    • Lenient (ignore minor issues)
    • Lax (make a best effort to import the content)
  7. Optional: You can choose to apply the following conditions to the Windows checklist that will be imported.
    • Include OVAL checklists - Select this box to process XCCDF rules that reference an entire OVAL file.
    • Skip OVAL validation
    • Skip XML validation
    • Allow unescaped HTML in check description - Use with caution. This option may contain script tags.
  8. Click Import.
  9. Select the custom site from the menu.
  10. Click OK.