Manuals / Symantec / Computer Equipment / Server

Symantec Security Expressions Server manual Adding Policies

Models: Security Expressions Server

1 97
Download 97 pages 26.04 Kb
Page 65
Image 65

 

Audit-On-Schedule

 

 

 

posture result remains valid, the software won't attempt

 

 

to audit a system if it connects to the network again.

 

 

Instead, it returns a posture result of Pass.

 

Cache Fail For

Specify how long posture results remain valid when the

 

(Audit-On-Connect Only)

system fails an audit based on this policy. This is a way to

 

 

control how often a system gets audited — as long as a

 

 

posture result remains valid, the software won't attempt

 

 

to audit a system if it connects to the network again.

 

 

Instead, it returns a posture result of Fail.

 

Adding Policies

 

 

To create a policy:

 

 

1.Click Add New on the Policies page.

2.Select a policy file to associate with the policy using one of the following methods.

Upload a policy file – Type the name or Browse for a SIF file. If the SIF file is encrypted, type a password in the Password box to decrypt it.

Download this file from the Policy File Library – Transfers a copy of a policy file from the Policy File Library over the network. Click the Choose button to display a list of the policy files available in the library. Click a policy file to select it.

This option is available only if the server can access a Policy File Library.

3.Optional: In the Name box, change the name of the policy.

The name of the policy file you selected in step 2 appeared in this box when you selected it.

4.Optional: In the Description box, type a description of the policy.

5.If you uploaded a policy file that's encrypted, type a password to decrypt it in the Password box.

Policy files downloaded from the Policy File Library aren't encrypted.

6.If you want the policy to be available to use in audits, check the Make this policy active box.

Clear the check box to make the policy unavailable to use in audits without deleting the policy.

7.Check the Policy is kept up to date with Policy File Library box if you want to regularly update the SIF files in this policy using the policy file library available on line.

This option is available only if the server can access a Policy File Library.

8.If you want the policy to be available to use in self-service audits, check the Available for use in self-service audits box.

9.Type a name and optional description of the policy.

10.For Audit-On-Connect include the Link Type, Device Type, Posture Condition, Pass Results Valid For and Fail Results Valid For settings.

11.Set Windows Group Access. Enter Windows groups, separated by a comma, that can use this policy, remediate audit results generated using this policy, and view audit results for this policy. This establishes which users can access this policy and its audit results due to their role. If

57

Page 64 Page 66
Page 65
Image 65
Symantec Security Expressions Server manual Adding Policies
Page 64 Page 66