This topic describes how to check the baselines by using customized policies, and how to view the check results and suggestions on handling baseline risks.

Background information

Baseline check is a value-added service of Security Center. Only Enterprise Edition users can activate and use this service. A Basic Edition or Pro Edition user must upgrade to Enterprise Edition to use this service.

View the summary data for the check result

In the upper part of the Baseline Risk page, you can view the summary data for the baseline check result.
检查结果统计
  • Checked Servers: The number of servers on which baseline check is performed.

    Checked Servers indicates the number of servers that you select when configuring a check policy.

  • Check Items: The number of check items that you select when configuring a scan policy.
  • Last Check Pass Rate: The pass rate of the last baseline check.
    If the number in the Last Check Pass Rate area is green, the pass rate of the checked servers is high. If this number is red, a large number of baseline risks have been detected. We recommend that you view the check result details and deal with the failed items.
    检查详情

Manually perform a baseline check

Both automatic periodical check and manual check are supported. To schedule a periodical check, set Cycle and Time when configuring a scan policy. To manually begin a check, click Check Now.

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, click Baseline Check.
  3. In the Select Policy drop-down list, select a policy for a manual check.
    选择策略
    Note If any number in the Failed Items/Affected Servers column is not 0, baseline risks have been detected on your servers.
  4. Click Check Now.
    After you click Check Now, the progress of the check is displayed.
    检测进度
    You can click View Progress to view the number of servers that have passed or failed the check and the causes of the failures. Click View Solution to learn how to handle the failures.
    检测详情

    Click Refresh to view the latest check result.

View detailed check results

After a baseline check is complete, you can click a baseline in the list to enter the details page of this baseline. This page displays the assets affected by this baseline, the failed and passed items of each asset, and the suggestions on risk handling. You can also ignorefailed items or verify fixed risks.

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, click Baseline Check.
  3. In the baseline list, click a baseline.
    基线项
  4. On the details page of the selected baseline, you can:
    • View the information about all assets affected by this baseline.
      影响资产
    • Click View next to an asset to view the at-risk baseline items on this asset and the check result of each item. The check result can be failed or passed.
      Note We recommend that you handle the failed items immediately.
    • If you do not want to receive alerts for risks on an item, select this item and click Ignore to remove it from the alert list. An ignored item no longer triggers alerts.
      忽略
      Note To ignore multiple items, select the items, and click Ignore below the item list of the asset.
    • Click Details next to an item to view the item description, check result, and suggestions.

      We recommend that you enhance the baseline configurations based on the suggestions.


      详情
      Note We recommend that you handle the failed items of high severity immediately.
    • After you handle a failed item, click Verify to check whether the risk has been cleared. After you begin verifying an item, the item status becomes Verifying.
      验证中

      If you have not verified an item, Security Center automatically verifies this item during the next periodical check.