The Phase 1 policy is the best place to begin evaluating your network security. This policy identifies the most significant and the potentially problematic security problems with network resources. Problems in these areas are important and easy to solve.
Move on to the Phase 2 policy after you correct the red level problems on the network resources that the Phase 1 policy reports. The Phase 2 policy contains all of the available modules, but enables only the key security checks in each module. These checks identify the remaining critical security problems in the network.
After you correct the red level problems on all network resources that the Phase 2 policy reported, move on to the Phase 3 policy. This policy provides the following distinct levels of securityas required by the company's security policy: