Home
Security Compliance Analytics
Security and Compliance Analytics (SCA) is a web-based application designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
Security and Compliance Analytics User Guide
BigFix for Security and Compliance Analytics (SCA) is a web-based application that is designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
Management Tasks
Configuring a directory server that has a load balancer or multiple domain controllers
BigFix Compliance supports authentication through a LDAP server. Learn how to configure the root certificate for the BigFix Compliance server.

Security Compliance Analytics
Security and Compliance Analytics (SCA) is a web-based application designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
- Security and Compliance Analytics Setup Guide
  BigFix for Security and Compliance Analytics (SCA) is a web-based application designed to help manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
- Security and Compliance Analytics User Guide
  BigFix for Security and Compliance Analytics (SCA) is a web-based application that is designed to help you manage security, vulnerability, and risk assessment. The application archives security and vulnerability compliance check results to identify configuration issues and report levels of compliance toward security configuration goals.
  - Introduction
  - Viewing deployment compliance status reports
    You can view the compliance status in your deployment from any of the four report types.
  - Working with patch reports
  - Management Tasks
    - Computer Groups
    - Computer Properties
    - Data Sources
    - Data Imports
    - Roles
    - Server Settings
    - Session Settings
      You can change your session settings to specify the session time for a logged in user who is inactive for a certain period and to custom the message on the login page using Markdown text.
    - Directory Servers
    - Configuring a directory server that has a load balancer or multiple domain controllers
      BigFix Compliance supports authentication through a LDAP server. Learn how to configure the root certificate for the BigFix Compliance server.
    - Adding a directory server
      To use LDAP, you must first configure a connection to your directory server.
    - Single Sign-On Settings
    - Users
    - Configuring LDAP
    - Exceptions
    - Policy Management
      View external content, create policies, and publish content from Policy Management.
    - Account Preferences
  - Configuring report definitions using REST API
    Administrators can use REST API to create, update, and delete saved report view definitions across TEMA instances.
  - Disaster Recovery for BigFix Compliance Analytics
    Use the standard cold standby method of creating a backup and restoring the system in your disaster recovery plan for BigFix Compliance Analytics.
  - Example Reports - Compliance
    View examples of the various BigFix Compliance Analytics reports.
  - Example reports - Patch reports
    View examples of the various BigFix Compliance Patch reports.

Configuring a directory server that has a load balancer or multiple domain controllers

BigFix Compliance supports authentication through a LDAP server. Learn how to configure the root certificate for the BigFix Compliance server.

Before you begin

Contact the BigFix Support team to obtain the password that is required during configuration.

About this task

The LDAP does not work on BigFix Compliance servers when an individual domain controller certificate is updated. Thus, compliance sites stop authenticating the users through LDAP because the updated domain controller is not trusted. Perform the steps in this procedure to configure the directory server. Ensure that you configure a directory server after each application upgrade, because the certificates that you add according to this procedure are not preserved.

If your LDAP server uses a load balancer or multiple domain controllers that dynamically change the list of hosts, and the connection between LDAP and the BigFix Compliance server is secure, perform advanced configuration of the BigFix Compliance server.

Procedure

Perform the following steps to configure the root certificate for the BigFix Compliance server:

Contact LDAP server administration and obtain a root certificate for LDAP, which contains one or more certificates (full chain of trust). The following example shows a root certificate:

-----BEGIN CERTIFICATE-----
MIIHZjCCBk6gAwIBAgISKESJLWXAAAACTANBgkqhkiG9w0BAQUFADBNMRMwEQYK
CRWmyVBwPWQBBUNdilPKJRQwpeYKCZImiZPyLGQBGRYEQ354jTEgGG7GA1UEAiU5
.
.
.
MTAzMzQxWjBZMRMwEQYKCZImiZPJVGQBGRYDbmV0MRkwFwYKCZImiZPyLGQBGRYJ
bnNyb290ZGV2MScwJQYDVQQDEx5DaXRXAEludGVybmFsIERldmljZSBDQSAwMyBM
-----END CERTIFICATE-----

Note: Ensure that root certificate file is in PEM format.

Copy the root certificate file to the following directory: C:\Program Files\BigFix Enterprise\SCA\jre\lib.

Using command prompt, run the following command:

C:\Program Files\BigFix Enterprise\SCA\jre\bin\keytool -import -trustcacerts -file <certificate_file_name> 
-alias certAliasName -keystore cacerts -storepass <password>

Where <password> is provided by the BigFix Support.

Restart BigFix Compliance.