Below are two use cases.
- I need to get baseline machines which are having software vendor ‘Symantec Corporation’ and software name ‘Symantec Endpoint Protection’
- I need to get baseline machines which are having software name ‘Symantec Endpoint Protection’ and same machine is having any software from vendor ‘checkpoint’.
Use case 1:
For first use case, you can configure baseline compliance rule by selecting ‘Software’ as filter, and choose Installed Software and Vendor in single sub-rule as mentioned in below image.
Final rule will appear as below given.
Use case 2:
For second use case, you need to configure baseline compliance rule by selecting ‘Software’ filter, and choose Installed Software with name ‘Symantec Endpoint Protection’ and add to main rule.
Then again select ‘Software’ filter and choose vendor as ‘Checkpoint’ as given in below image.
Then add to main rule. Final rule will appear as below given.
Explanation
Use case 1 is meant for single entity. Here both software name and vendor will be checked against single software in a machine. In our example, the machines which are having software name ‘Symantec Endpoint Protection’ and the vendor name as ‘Symantec Corporation’ will satisfy this rule.
Whereas use case 2 is meant for multiple entity within a machine. Here first it will check for machines which are having ‘Symantec Endpoint Protection’, then in same machine whether any software available from ‘Checkpoint’ vendor available, then those machines will satisfy this rule.