Performing a Scheduled Baseline Check
Scenarios
SecMaster can check whether your assets have risks based on baseline check plans. By default, every three days SecMaster automatically performs a baseline check on related assets in the current region under your account from 00:00 to 06:00 in accordance with compliance pack Cloud Security Compliance Check 1.0. This function is enabled by default. So there are no manual actions required.
You can customize the automatic inspection period, time, and scope to create custom check plans.
This document describes how to create a custom baseline check plan.
Limitations and Constraints
- A compliance pack can be added to only one check plan.
- SecMaster cannot execute check plans that include manual check items. So do not add compliance packs that include manual check items to a check plan. There are manual check items in DJCP 2.0 Level 3 Requirements and General Data Protection Regulation compliance packs.
- Baseline inspection for OS Configuration Baseline, Common Weak Password Detection, and Password Complexity Policy Detection compliance packs are performed in HSS instead of SecMaster. However, you can view check results in SecMaster. If you need to perform HSS baseline inspection, go to the HSS console and complete the inspection. For details, see Performing Baseline Inspection on HSS.
- Auto check items in Cloud Security Compliance Check 1.0, Network Security, and Huawei Cloud Security Configuration compliance packs are supported.
- The default check plan can be enabled or disabled only. No changes on its compliance packs or execution time can be made.
Procedure
- Log in to the SecMaster console.
- Click
in the upper left corner of the management console and select a region or project.
- Click
in the upper left corner of the page and choose Security & Compliance > SecMaster.
- In the navigation pane on the left, choose Workspaces > Management. In the workspace list, click the name of the target workspace.
Figure 1 Workspace management page
- In the navigation pane on the left, choose
. On the displayed page, click the Security Standards tab. Then, click the Check Plan tab.Figure 2 Accessing the Check Plan tab
- On the Check Plan tab, click Create Plan. The pane for creating a plan is displayed on the right.
- Configure a check plan.
Table 1 Parameters for creating a check plan Parameter
Description
Basic Information
Name
Custom check plan name. It must meet the following requirements:
- The plan name can contain only letters, digits, underscores (_), and hyphens (-).
- Length: 1 to 255 characters.
Schedule
Select the check period and check triggering time from the drop-down list.
- Schedule: every day, every 3 days, every 7 days, every 15 days, or every 30 days
- Check start time: 00:00-06:00, 06:00-12:00, 12:00-18:00, or 18:00-24:00
Select Compliance Pack
Select the compliance pack you plan to use.
- Click OK.
After the check plan is created, SecMaster performs cloud service baseline scanning at the specified time. You can choose
to view the scan result.
Related Operations
You can view, edit, enable, disable, or delete a custom check plan. For details, see Managing Check Plans.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot