Posted on 09-14-2024 01:29 AM
Jamf Protect hast baselines for CIS Lvl.1 and Lvl.2.
Is it possible to use a different baseline, e.g. v8?
Posted on 09-14-2024 11:59 PM
The CIS 1 and 2 compliance baselines reporting in JAMF Protect were recently updated. Not up on the current CIS controls as we don't use CIS controls at my workplace, but I would assume it is newer version now?
If there are any gaps that are of concern, you could create a custom analytic for reporting.
Posted on 09-15-2024 12:19 AM
Thank you for replying.
What do you do if you want to use any of the other benchmarks that the Jamf Compliance Editor provides, e.g. NIST in all of its variations... does Jamf Protect support them?
Posted on 09-15-2024 02:00 AM
The short answer to your question is yes, with additional manual configuration. You can't import a different Baseline into JAMF Protect.
Our company complies with the NIST benchmark. If you just want reporting, you can achieve this in JAMF Pro with the compliance EAs and other components generated by the JCE. Those combined will report back if the device is or is not compliant.
In order to get Protect remediation flows happening as well, we had to configure custom analytics and then policies for remediation using smart groups.