The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are
using.
You can view a history of changes to the security checks going back up to 12
months, grouped by the Center for Internet Security (CIS) and the National
Institute of Standards and Technology (NIST) frameworks. For each framework, you’ll see
a list of controls and, for each control, the current and average compliance rate as
percentages, the total number of best practice checks, and the number of failed
checks.
Interact with the chart and the list to see the relationship between controls
and their historical statistics. View details of individual controls and their
associated checks, and select a best practice check to view the firewall configuration
that is failing the check.
The CIS Critical Security Controls framework is a prioritized set of
recommended actions and best practices that help protect organizations and their data
from known cyberattack vectors. You can view check summaries for 11 of the 16 basic and
foundational CIS controls:
CSC 3: Continuous Vulnerability Management
CSC 4: Controlled Use of Administrative Privileges
CSC 6: Maintenance, Monitoring, and Analysis of Audit Logs
CSC 7: Email and Web Browser Protections
CSC 8: Malware Defenses
CSC 9: Limitation and Control of Network Ports, Protocols, and Services
CSC 11: Secure Configuration for Network Devices, such as Firewalls, Routers, and Switches
CSC 12: Boundary Defense
CSC 13: Data Protection
CSC 14: Controlled Access Based on the Need to Know
CSC 16: Account Monitoring and Control
The NIST Cybersecurity Framework SP 800-53 Controls framework provides
guidance for federal agencies and other organizations to implement and maintain security
and privacy controls for their information systems. You can view check summaries for
eight families of NIST controls:
AC: Access Control
AU: Audit and Accountability
CM: Configuration Management
CP: Contingency Planning
IA: Identification and Authentication
RA: Risk Assessment
SC: System and Communications Protection
SI: System and Information Integrity
To get to the Compliance Summary Dashboard, go to Dashboards, and then
select the Compliance Summary tab.
If you don’t see Compliance Summary among the tab choices,
select More Dashboards, and then select the checkbox for Compliance
Summary from the choices listed under Posture.
A) Security Controls selector
  Select CIS or NIST controls
B) Filter by
  Device
  Time-frame
    Past 7 Days
    Past 30 Days
    Past 90 Days
    Past 6 Months
    Past 12 Months
C) Sort by
  Control CSC Number
  Current Passing %
  % Change
  Number of Failed Checks
D) Line Chart
  Passing % - Shows passing percentage for a given check type.
  Timeline - Shows when the percentage was measured for a given check type.
E) Check List
  Stats
    Average Passing % - Shows the average percentage of passing checks.
    12-Month Change - Shows change over a 12-month period.
    Checks Failed - Shows the number of failed checks.
  Selected Controls - A checkmark brings a control into view on the line chart.
  Reset - Removes all locks.
  Collapse All/Expand All - Shows/Hides stats in the list.
  Lock Line Chart - Keeps locked checks in view on the line chart.
Select a control on the list to see the best practice checks it
includes.
Select a best practice check to view the firewall configuration
that is failing the check.