Applicable to Entuity v22.0 upwards. If you are using an earlier version of Entuity, please see this article.
To access the Policy Management page
Creating new policy rules on a single server vs a multi-server configuration
To delete/remove exclude files
To view a history of policy violations
Introduction:
You can view and manage both policy rule files and exclude files from the Policy Management page. From this page, you can see if the policies are in use, create new policy rules, edit existing policies, or delete policies. You can also view a history of policy violations over the previous year on devices on your current server (or selected server from the server dropdown box).
For help and information on checking and retrieving configuration files for a managed device, please see this article.
To access this page, you must have the Configuration Monitor Administration tool permission. Please see this article for further help and information on user group permissions in Entuity.
To access the Policy Management page:
- From the Main Menu, click Administration. Click Policies.
- The Policy Management page will open, by default on the Policy Rules tab, which displays a list of the policy rules files. The Exclude File tab displays the exclude files.
To create new policy rules:
Entuity recommends that you copy the contents of a policy file from a specialized third party editor into the Create Policy Rules form.
- Navigate to the Policy Management page and ensure that you are under the Policy Rules tab.
- Click +Create Policy Rules at the top of the page, or via the Overflow Menu.
- The Create Policy Rules form will open on the right of the page.
- You can click the popout icon to expand the area in which the details are entered. Click Save at the bottom of the popout window to save your changes and return to the form, otherwise click the X in the top right corner.
- Once you have made your changes, click Done in the top right of the form to save your new policy rules, otherwise click Cancel.
Creating new policy rules on a single server vs a multi-server configuration:
Policy files are server-specific. These are stored locally in the entuity_home/etc directory. In a multi-server configuration (e.g. with servers 1 and 2), you can create a policy file on server 1 and then physically copy that file into the same directory location in server 2. That copied file will then appear in the Policy Management page list for server 2.
To view policy rules:
From the Policy Rules tab of the Policy Management page, select the policy rules that you want to see and click View Policy Rules at the top of the page, or via the Overflow Menu or right-click Context Menu.
The View Policy Rules form will open, allowing you to view the details of the policy rules. You can expand the window using the popout icon .
Note, you will not be able to edit the policy rules from this option. For this, you will need to use the Edit Policy Rules functionality (see below).
To edit policy rules:
- Navigate to the Policy Rules tab of the Policy Management page.
- From the table, select the policy rules that you want to edit and click Edit Policy Rules at the top of the page, or via the Overflow Menu or right-click Context Menu.
- The Edit Policy Rules form will open, allowing you to view and edit the details of the policy rules. You can expand the window using the popout icon .
To delete/remove policy rules:
- Navigate to the Policy Rules tab of the Policy Management page.
- From the table, select the policy rules that you want to remove and click Remove Policy Rules at the top of the page, or via the Overflow Menu or right-click Context Menu.
- A deletion confirmation dialog will appear. Click Yes to delete.
Deleting a policy will simply remove it from the devices that are using it. If it is in use, you will be warned of this via the deletion confirmation dialog.
To create exclude files:
- Navigate to the Exclude Files tab under the Policy Management page.
- (Note, if you are in using a multi-server configuration and want to create exclude files on a remote server via the consolidation server, ensure that you select the desired remote server from the server dropdown field in the top left of the page. For more information on multi-server configuration in Entuity, please see this section.)
- Click +Create Exclude File at the top of the page, or via the Overflow Menu.
- The Create Exclude File form will open on the right of the page.
- You can click the popout icon to expand the area in which the details are entered. Click Save at the bottom of the popout window to save your changes and return to the form, otherwise click the X in the top right corner.
To view exclude files:
From the Exclude Files tab of the Policy Management page, select the exclude file that you want to see and click View Exclude File at the top of the page, or via the Overflow Menu or right-click Context Menu.
The View Exclude File form will open, allowing you to view the details of the policy rules. You can expand the window using the popout icon .
Note, you will not be able to edit the exclude file from this option. For this, you will need to use the Edit Exclude File functionality (see below).
To edit exclude files:
- Navigate to the Exclude Files tab of the Policy Management page.
- From the table, select the exclude file that you want to edit and click Edit Exclude File at the top of the page, or via the Overflow Menu or right-click Context Menu.
- The Edit Exclude File form will open, allowing you to view and edit the details of the exclude file. You can expand the window using the popout icon .
To delete/remove exclude files:
- Navigate to the Exclude Files tab of the Policy Management page.
- From the table, select the exclude file that you want to remove and click Remove Exclude File at the top of the page, or via the Overflow Menu or right-click Context Menu.
- A deletion confirmation dialog will appear. Click Yes to delete.
To view a history of policy violations:
From the History tab of the Policy Management page, you can view a history of policy violations over time for every device on your server (or the selected server in the server dropdown field in the top left of the tab). The list of policy violations includes the violations for any archived configurations that have been saved to Entuity within the last 12 months (by contrast, policy violation events are by default displayed for 14 days).
This tab is informational, and presents a table displaying the following information:
Column | Description |
---|---|
Time | timestamp of the policy violation. |
Source | device name/IP address on which the policy violation occurred. |
Vendor | device vendor/manufacturer. |
Server | server on which the device is managed. |
Name of Policy Violation | e.g. 'CM Configuration Missing Policy Mandated Statement'. |
Details | details of the violation, e.g. 'Device configuration is missing no_ip_source-route'. |
Zone Name | zone to which the device belongs. |
Comments
0 comments
Please sign in to leave a comment.