Use the Policy Builder for Data to create and install
session-level policies.
About this task
The overall workflow for defining session-level policies is the same as for standard
data-security policies. For information about defining policies, see Creating and installing a policy and policy rules. This procedure focuses on unique aspects of creating
session-level policies.
Procedure
-
Navigate to .
- Create a new policy or clone an existing policy.
- To create a new policy, click the icon.
- To clone a policy, select an existing session level policy template from the
Security Policies window and then click the icon.
-
Important: Policies that are installed from the central manager to an
aggregator might appear in the aggregator UI as not installed because you cannot install policies on
an aggregator. To determine whether a policy is installed, run the
list_installed_policies API or check in
the
Policy Builder for Data page for each aggregator.
The Create New Policy window displays.
- For a new policy, from the Name and properties pane, set the
policy type to Session level policy and define a policy name.
Attention: After a policy is saved as a session-level policy, you cannot change it to a
data-security policy.
- Click the Rules pane to begin working with policy rules, then
create a new rule by clicking the icon.
- From the Rule definition pane of the Create New
Rule window, define a Rule name.
For session-level
policies, the Rule type field is predefined to
Session.
- Click the Rule criteria pane and begin defining rule parameters
and values.
- Use the menus to select individual parameters and define selection operators, and then specify
values or groups to match.
- Use the and icons to add or remove criteria from the rule.
For more information about rule criteria, see
Rule definition fields and
Values and groups of values in rulesAttention: Unlike standard data-security policies, all rule criteria available for
session-level policies are based on the session.
- Click the Rule action pane to begin working with rule actions,
then create a new rule action by clicking the icon and selecting an action.
-
When finished defining the rule, click OK to return to the
Rules pane.
Continue working with rules as needed.
-
When finished defining the policy and its rules, click OK to save the
policy and return to the Security Policies table.
What to do next
Install policies by selecting a policy from the Security
Policies window and clicking . Select the Installation action you want and click
OK to install the policy. Installed policies are indicated by a in the Installed
column.