Creating Security Schemas
A custom Security Schema is a set of tests used in a Site Security Assessment. You can include and exclude tests and adjust the criteria in the tests to the level of security that you need. You can create as many custom Security Schemas as you need.
Once you've created a custom Security Schema, you can apply it to any or all of the sites you manage. If you apply a Security Schema to a site that is enrolled in Security Assessments, the Security Schema replaces any existing Security Schema as the default. The site is then assessed against the newly applied Security Schema.
The Effect of Leaving Tests Out of a Custom Security Schema
If you create a Custom Security Schema, you have the option to exclude any of the suggested tests in a category.
Leaving tests out does not change the weight of the category in the overall score. The overall weight of the category stays the same whether there are four tests in the category or only one. Because the weight of the category doesn't change, removing one or more tests from the category means that the tests remaining in the category affect the Security Score more than they would have otherwise. For example, if you have five tests in a category, the tests have a lower relative weight than if you have only one test. If there is a single test in the category, that one test carries the full weight of the category.
If a category has no tests in it, that category is not scored and adds no value to the overall security score.
To Create a Security Schema
- Click Configuration > Site Security.
- Click New.
- In the Schema Name box, type a name.
- Optionally, in the Description box, type a description.
- To exclude any test, slide the slider next to the test to the Off position.
- Adjust the criteria of any of the following tests:
- Domain user accounts - Password age status check
- Local user accounts - Password age status check
- Domain password policy - Minimum password history status check
- Domain password policy - Maximum password age status check
- Local account password policy - Minimum password history status check
- Local account password policy - Maximum password age status check
- Wi-Fi Network Strong Password Status Check
- Optionally, apply the Security Schema to a site by clicking Add, then selecting a site. Click OK.
- Click Save.
Viewing and Organizing the Security Schema List
You can view and organize the list of tests in Security Schemas various ways. You can:
- Organize the list by category.
- View the tests as an unordered list.
- Sort the list alphabetically.
- Show included or excluded tests first in the list.
To view the Security Schema List
- Click Configuration > Site Security.
- Click the name of a Security Schema.
To organize the Security Schema Test List by Category
- Select the Grouped check box.
To view the Security Schema Tests as an Unordered List
- Clear the Grouped check box.
To sort the security schema test list alphabetically
- Clear the Grouped check box.
- In the Test Name cell, click the up or down arrow.
To copy a Custom Security Schema
You can make a copy of a custom Security Schema, which you can then rename and edit. The Security Standard Schema can't be copied.
- Click Configuration > Site Security.
- Click the check box next to a Security Schema, then click Copy.
To edit a Custom Security Schema
You can edit any custom Security Schema. The Standard Security Schema can't be edited.
- Click Configuration > Site Security.
- Click the name of a Security Schema.
- Make your changes.
- Click Save.
To delete a Custom Security Schema
- Click Configuration > Site Security.
- Click the check box next to a Security Schema, then click Delete.
- Click OK.
To see the Sites a Security Schema is applied to
- Click Configuration > Site Security.
- In the Schema table, click the number in the Applied Sites column, in the row of any Security Schema.
Applying Security Schemas to Sites
After you have set up a custom Security Schema, you can apply it to any of the sites you maintain. If you have another custom Security Schema applied to the site, it is replaced with the chosen Security Schema.
If no custom Security Schema is applied to a site, the site is scored against the Standard Security Schema.
- Click Configuration > Site Security.
- Click the name of a Security Schema.
- In the Sites area, click Add.
- Select the check box beside each site you want to include, and click OK.
- Click Save.
To Apply a Security Schema to All Existing Sites
- Click Configuration > Site Security.
- Click the name of a Security Schema.
- Select the check box of a schema.
- Click More Actions > Apply Schema to all existing sites.
- Click OK.
To remove a Security Schema from a Site
If you remove a custom Security Schema from a site, it is scored against the Security Standard Schema until you apply another custom Security Schema to it.
- Click Configuration > Site Security.
- Click the name of a Security Schema.
- In the Sites area, click the check box next to the site to remove.
- Click Remove.
- Click OK.
- Click Save.
To delete a Security Schema
If you delete a Security Schema, all sites it is applied to are scored against the Security Standard Schema until another Security Schema is applied.
- Click Configuration > Site Security.
- Click the name of a Security Schema.
- In the Sites area, click the check box next to the site to delete.
- Click Delete.
- Click OK.