How are the users of CCS really using CCS in your environment and what processes have been developed around CCS. Here is a community discussion to gather information and share what works and understand what does not.
Q1: What assets are you monitoring ?
(a) Production assets
(b) In scope for compliance assets
(c) All
Q2: Do you use agentless or agent based collection ?
Q3: Are you backing up configurations and data from your CCS environment ? How often and how ?
Q4: How do you health monitor your CCS encvironment ? Are there standards enterprise monitoring agents deployed on the OS ? What are the challenges in your environment ?
Q5: How do you detect CCS services when they go down ? Health mon of the application.
Q6: How do you maintain security of the service accounts ? Do you change the passwords or is it fixed.
Q7: What reports have you automated/scheduled ?
Q8: Who views the reports and what do they do with it ?
Q9: Do you use the built in standards and checks or do you modify the standards and checks ?
Q10: How do you upgrade/maintain the modified standards and checks to be uptodate as the PCU standards and checks for assets of interest.
Q11: Have you automated any function within CCS ? If yes, how and what ?
Q12: What adhoc reports do you run and what is the purpose behind the reports ?
Q13: Where and how do you use CCS for real security or forensic work ?
Q14:Have you integrated CCS with other applications such as Qualys, Altiris, SEP, DLP ? If yes, what is the advantage you are gaining with the addition of these new data points ?
Q15:How are you dealing with remediation ? Are you able to measure remediation benefits periodically ? What processes have you developed to remediate findings from the checks and standards ?
Q16: Have you filed any product feature enhancements based on your environment requirement to Symantec ? What has been Symantecs response to you ?