Using the Policy Installation tool

Learn how to install a policy on your Guardium system.

Install a policy

  1. Go to Protect > Security Policies > Policy Builder for Data to open the Security Policies page.
  2. Select the policy to be installed.
  3. Click Install > Install. The Install policy window opens.
  4. Select an Installation action.
    • Install and override: delete all installed policies and install the selected one instead.
    • Install first: install the selected policy as the first one in the sequence (before all currently installed policies).
    • Install last: install the selected policy as the last one in the sequence (after all currently installed policies, which gives it the lowest priority).
  5. Select the collectors on which to install the policy.
  6. Click OK. The system responds with a message indicating success, or not.
  7. Optionally, go to the Policy Installer amd click Modify Schedule to open the scheduling utility, to schedule recurring installation.

Multi-policy support

More than one installed policy is permitted at the same time. All installed policies are available for action. There are two limitations: policies defined as selective audit policies can not be mixed with polices not defined as selective audit policies, and policies defined as flat log cannot be mixed with policies not defined as flat log. If trying to mix policies, an error message results when installing these mixed policies.

The order of appearance can be controlled during the policy installation, such as first, last, or somewhere in between. But the order of appearance can not be edited at a later date.

On the Security Policies page, click Uninstall policy to remove an installed policy.

The first installed policy has a special meaning, as it sets the value of the global policy parameters. These parameters are: Global pattern; Is it a selective audit; Client and Server net mask; Tagged Client and Server group ID.

This multi-policy support is available through the GUI (Setup > Tools and Views > Policy Installation) and through GuardAPI.

View policy rules for the installed policy

In the Currently Installed Policies page, any user can view the rules of the installed policy, and in addition, authorized users can open the policy for editing.

  1. Go to Protect > Security Policies > View Installed Policy to open the Currently Installed Policies page.
  2. Click View Details Report to see a detailed list of installed policies and rules.
  3. Click edit to edit the policy and its rules.