The SRAS SCAP Configuration Module integration is introduced due to the following business reasons:
To view SCAP-based configuration assessment data that SRAS collects using the rich and evolved reporting capabilities of the Dashboards feature in CCS so as to leverage more and better information from the same data.
To make the SCAP-based configuration assessment data that SRAS collects available to CCS Risk Manager to determine the overall security, risk, and compliance posture of your networks.
Please refer Chapter 3 in "Symantec Risk Automation Suite SCAP Configuration Module Integration Deployment and Usage Guide" to install the SRAS SCAP Module Integration (CCS-SRAS SCAP Connector)
Structure of the integration system:
The CCS-SRAS SCAP connector is an Open Database Connectivity (ODBC) connector that is a part of the External Data Integration (EDI) framework of CCS. EDI enables you to seamlessly assimilate data from an external application into Control Compliance Suite (CCS).
Role of the integration system:
As a mediator between the third-party information source and CCS, the integration system does the following tasks:
Connects: The integration system connects to the third-party information source.
Authenticates: The integration system uses credentials to connect with the third-party information source.
Imports: The integration system imports data from the third-party information source into CCS using a data import mechanism.
What you can do using the integration system:
Using the SRAS SCAP Module integration, you can:
Use SCAP-based configuration assessment data from SRAS for measuring policy compliance.
Use SCAP-based configuration assessment to measure Key Performance Indicators (KPIs) using Dynamic Dashboards feature in CCS.
Use the risk scores that SRAS determines to contribute to the overall asset risk score.
Use assets information that SRAS provides to rationalize assets.