The following is an example of a typical compliance workflow from enabling compliance baseline reporting to deploying additional baseline rules to your enrolled computer:
-
In Plans, enable compliance baseline reporting in a Jamf Protect plan.
This plan must then be assigned to target computers.
-
In , enable compliance baseline rules to monitor.Note:
Jamf Protect does not report on every CIS baseline rule to improve system performance. Refer to the latest CIS benchmark for a full list of recommended rules.
-
In , audit your baseline compliance.
-
Use Jamf Compliance Editor or the macOS Security Compliance Project to create management settings for baseline rules.
Baseline rule management settings comprise of configuration profiles and scripted commands, depending on the rule chosen.
-
Deploy resulting management settings for baseline rules using Jamf Pro or another MDM solution.
- Return to step 3.