Benchmarks

The Benchmarks tab (Control > Benchmarks) contains a list of industry-standard, best-practise policies, stipulated by the Center for Internet Security (CIS) to ensure the security of a target system. Benchmarks are an incredibly powerful tool provided by Cloudhouse Guardian (Guardian) that can be applied to a node, or group of nodes, to evaluate whether they are compliant with the parameters stipulated by the CIS.

The Benchmarks tab displays a list of supported CIS benchmarks in the Public Policies drop-down menu. Here, you can select a benchmark or click to View the nodes that are currently applied. To access the list of options that are available to perform against a benchmark, click the View drop-down list.

Here, the following options are displayed:

Option	Description
Run	Select to run the benchmark against a specified target. For more information, see Run Benchmark.
Add to Node Group	Select to add the benchmark to a node group. For more information, see Add Benchmark / Policy to Node Group.
Report	Select to access the benchmark reports for the selected benchmark. For more information, see Benchmark Reports.
Export	Select to export the benchmark as a CSV file that contains the complete set of policies included. Once selected, the file is downloaded locally to your device.

Additionally, you can exclude a node group from a benchmark. For more information, see Exclude Node Groups and Individual Checks from a Benchmark.