Setting up Host Integrity

Use Host Integrity policies to make sure that the client computers in your network meet your organization's security policies.
The following table lists the steps you need to perform to set up security compliance using Host Integrity policies.
Tasks to set up Host Integrity policies
Step 1: Add a Host Integrity policy that checks for a requirement on the client computer and enforces a remediation action for non-compliant computers
When you add a new policy, perform the following tasks:
  1. Choose which types of requirements you want the client computer to check. Create a separate requirement for each type of software (such as applications, files, and patches). See:
  2. Configure the remediation actions for non-compliant client computers.
    Remediation requires that the client computer installs or requests the client user to install the required software. See:
  3. Set the order in which requirements are checked and the remediation is tried. For example, updates should be completed in a specific order so that all updates are applied before the user has to restart the client computer.
Step 2: Set the options for the Host Integrity check and notifications
Step 3: Set up peer-to-peer enforcement
If the client computers being tested for Host Integrity compliance are on the same network as already-compliant client computers, you can set up peer-to-peer enforcement. You primarily use peer-to-peer enforcement for file sharing. See:
Step 4: Set up a Quarantine policy for non-compliant and unremediated computers (optional)
If the client computer fails the Host Integrity check and does not perform remediation, you can quarantine the computer using a Quarantine policy. See: