Features
Features:

Product Tour >

Edraw AI >

Paid Plans:

Individuals >

Business >

Eduaction >
Resources
Blog

History

How-tos & Tips

Discovery

Biography

Business Analysis

Examples

AI concept Map

Free AI Mind Map Generator

Onenote Mind Map

Bcg Matrix Examples

Nike Marketing Strategy

Unilever SWOT Analysis

Make Mind Maps in Google Docs

Guide

FAQs

What's New

Resource Center
Templates
All Templates

Brain Storming Templates

Strategy and Planning Templates

Project Management Templates

Product Management Templates

Human Resources Templates

Agile Workflow Templates

Marketing Templates

Education Templates

Fun and Games Templates

User Gallery
Download
Pricing
Enterprise

MindMap Gallery Installing and Configuring OpenScap on Red Hat Satellite 6

Installing and Configuring OpenScap on Red Hat Satellite 6

This is a mind map that contains information about the Red Hat Satellite 6.

Edited at 2020-10-08 06:26:46

Study Smarter

Recent works View more works>>

Installing and Configuring OpenScap on Red Hat Satellite 6

Study Smarter

Recent works View more works>>

Recommended to you
Outline

FILM THEORY
- 2.3k
- 15
- 7
Second Hand Poet
adverbs of frequency
- 2.0k
- 17
- 2
Second Hand Poet
Marketing Coordinator Resume
- 355
- 4
Second Hand Poet
Production Assistant Resume Samples
- 470
- 6
- 1
Second Hand Poet
Top10 Education Quotes
- 940
- 6
Second Hand Poet
Party schedule
- 643
- 4
- 1
Second Hand Poet
Personal Resume Examples Designer
- 694
- 9
Second Hand Poet
Forms of corruption
- 658
- 8
- 1
Second Hand Poet
Pharmacist Resume Samples
- 414
- 6
- 2
Second Hand Poet
Sequences and Series
- 1.1k
- 4
- 1
Mind Trainer

Installing and Configuring OpenScap on Red Hat Satellite 6

Satellite ServerConsole

Satellite Server Requirements

# satellite-installer --enable-foreman-plugin-openscap

# foreman-rake foreman_openscap:bulk_upload:default

# yum -y install puppet-foreman_scap_client

OpenSCAP Content Requirements

# yum -y install scap-security-guide

Satellite ServerWeb UI

1. Set the Organization/Location tab to Any Context

2. Select Configure > Environments

3. Click on Import from <satellite_server> button, "Select the Puppet Environment as per the Openscap modules" and click Update.

4. Click to open newly imported Puppet Environments, then assign to your Locations and Organizations

Satellite ServerWeb UI

Create a Hostgroup

> Satellite Web UI: Configure > Host Groups > Click New Host Group

Host Group Tab

1. Name: OpenSCAP_Clients_Demo

2. Lifecycle Environment: (leave blank)

3. Content View: (leave blank)

4. Puppet Environment: Select OpenSCAP_RHEL7

5. Content Source: satellite.example.com

6. Puppet CA: satellite.example.com

7. Puppet Master: satellite.example.com

8. Openscap Capsule: satellite.example.com

9. Click Submit BEFORE advancing to the next tab. This takes you back to the Host Groups page.

10. From the Host Groups page, select OpenSCAP_Clients_Demo to modify this Host Group

11. Puppet Classes Tab:

12. Click to expand foreman_scap_client and select both foreman_scap_client and foreman_scap_client::params

13. Locations and Organizations tab, select to suit.

14. Click Submit to complete the update

Satellite ServerWeb UI

Create Compliance Policy

> Satellite Web UI: Hosts > Compliance > Policies

New Compliance Policy

Enter a name (Description optional)

SCAP Content tab:

SCAP Content: ssg-rhel7

XCCDF Profile: Common Profile for General-Purpose Systems

Schedule tab :

Period: Custom

Cron line: */1 * * * * (this will allow the demo to run every minute for demonstration only. Change to appropriate frequency once demo is completed)

Click Next, then select Locations and Organizations to suit

Hostgroups tab:

Use the newly created host group OpenSCAP_Clients_Demo

Click Submit to complete.

Satellite ServerWeb UI

Assign Policy To Host(s)

1. Satellite Web UI: Hosts > All Hosts > Select one or more hosts from the list of Hosts

2. Once we have the host(s) selected, a Select Action button appears above the list of hosts.

3. Select Change Group from the Select Action options

4. Select OpenSCAP_Clients_Demo from the list of host groups, then Submit

RHEL Client

Install and Configure Puppet on Client

# yum -y install puppet

# echo " server = <your_satellite_server>" >> /etc/puppet/puppet.conf

# echo " environment = OpenSCAP_RHEL7" >> /etc/puppet/puppet.conf

systemctl start puppet && systemctl enable puppet

puppet agent -t

Exiting; no certificate found and waitforcert is disabled

Go to next step to sign certificate(Sign Certificate on Capsule)

Satellite Web UI: Infrastructure > Capsule

On the Actions column, click on the available actions and select Certificates(For this demo, we only have the all-in-one Satellite/Capsule/Puppet Master)

Click Sign to sign the certificate

A scan will run base on the "Cron line:" setting in the earlier step. Monitor /var/log/messages on the client to see activities.

Run "puppet agent -t" again on the client.

Satellite ServerWeb UI

View Scan Results

1. Satellite Web UI: Hosts > Policies > (Select your policy)

2. In the table "Latest reports for policy: ...", click on View Report button

3. Latest_reports_for_policy

Fuente

https://access.redhat.com/solutions/3145861