Table of Contents
Advertisement
SecurityExpressions Server User Guide
Description
Policy File
Last Updated
Configure
Windows Group Use Access
Windows Group Remediation
Access
Windows Group Results Access
Use on Link Type
(Audit-On-Connect only)
Device Types
(Audit-On-Connect only)
Posture Condition (Fail If)
(Audit-On-Connect only)
Cache Pass For
(Audit-On-Connect Only)
28
scope or scheduled task.
Optional statement about the policy.
Name of the policy file (.sif), from the policy file library or
a customized policy file.
Date and time the policy file was last saved to the
database.
Some policy files, such as the NSA Guidelines for Windows
XP and Windows 2000, contain a special rule named
.CONFIGURE. The .CONFIGURE rule allows you to
configure your policy files and set global parameters for
policy files at run time. This column shows whether or not
the policy file contains the .CONFIGURE rule.
Certain information is unique and distinct between
systems or groups of systems. A run-time policy variable
allows administrators to use a single policy file but allows
identification of unique rules that require variable
information.
Specify the Windows User Groups who can use this policy,
if you want to restrict access to this policy. Displays
"Everyone" if the policy isn't restricted.
Specify the Windows User Groups who can remediate
audit results generated using this policy, if you want to
restrict access to remediation through this policy. Displays
"Everyone" if remediation through this policy isn't
restricted.
Specify the Windows User Groups who can access results
from audits that used this policy, if you want to restrict
access to this policy's audit results. Displays "Everyone" if
the policy's audit results aren't restricted.
Specify whether to run this policy over fast or slow
connections, or both kinds. Some policies might not be
appropriate to run over slow connections if they request a
large amount of data. For example, applying large policy
files like MS Fixes over a slow network connection, such
as a 56K modem, can take a long time.
Audit with this policy on these device types. Choices
include Windows, UNIX, and Unknown.
The rules for determining if the resulting posture after
auditing with this policy is Pass or Fail. The posture is
based on all policy-file rule results (OK, Not OK), plus
impact and priority settings. Available posture conditions
are:
•
Always Pass
•
Any Fail
•
Any Not OK
•
Any Not OK with Priority
•
Any Not OK with Score
•
Any Not OK with Impact
•
Any Not OK with Key
Specify how long posture results remain valid when the
system passes an audit based on this policy. This is a way
Advertisement
Table of Contents
Need help?
Do you have a question about the Security Expressions Server and is the answer not in the manual?
Questions and answers