Creating advanced session-level policies

Use advanced session-level policy scripts to validate incoming packets and define actions based on the result. The action can send the request back to the S-TAP, transform the runtime data for the analyzer, and prepare the data for the parser or logger.

About this task

This procedure describes how to install advanced session-level policies from the Policy Builder for Data. It assumes that you are familiar with creating advanced session-level policies using the SR language or have completed SR scripts ready to import.

Procedure

  1. Open Protect > Security Policies > Policy Builder for Data.
  2. Use the new icon to create a new policy.
  3. From the Create New Policy window, set the Type to Advanced session level policy and enter a Name for the new policy.
  4. Optional: Use the Roles button to assign roles to the policy.
  5. Open the Rule panel.
  6. Edit or import an advanced session-level policies script.
    • Edit a script:
      1. Use the edit icon to begin editing an advanced session-level policies script.
      2. Use the Check syntax button at any time to validate the script.
      3. When you have finished editing the script, click OK.
    • Import a script:
      1. Use the Import from file button to open the Select an advanced session level policies script to upload dialog.
      2. Use the Browse button and select a file to upload. The script file should be plain text and include a valid advanced session-level policies script.
      3. Use the Upload button to import the script. If there is an existing script, either Append the new script or Replace the existing script.
      4. You can continue editing the script directly in the Guardium UI. Use the Check syntax button at any time to validate the script.
      5. When you have finished editing the script, click OK.
  7. If the script validates, the policy is saved and can be installed from the Security Policies table. If the script fails to validate, review the error message and update the script.