Chapter 4 Quick Start Configuration
Configure a Group
Figure 4-1 Group Configuration View
Step 4 Cisco suggests that you select the Test Mode checkbox (available from the Rule overrides section) for this group. In Test Mode, the policy we will later apply to this group will not be active. In other words, the agent will not deny any action even if an associated policy says it should be denied. Instead, the agent will allow the action but log an event letting you know the action would have been denied.
Using Test Mode helps you to understand the impact of deploying a policy on a host before enforcing it. If examining the logs shows you that the policy is working as intended on a group, you can then remove the Test Mode designation. For detailed information on Polling intervals, Test Mode, Verbose Logging
Mode, Log deny actions and Filter user from events refer to the User Guide.
Step 5 Click the Save button to enter and save your group in the CSA MC database.
| Installing Management Center for Cisco Security Agents 5.2 |
|
