Overview - F-SECURE POLICY MANAGER 9.0 Administrator's Manual

30 | F-Secure Policy Manager | Using Policy Manager Console

Overview

This section provides some general information about Policy Manager Console.
The conceptual world of Policy Manager Console consists of hosts that can be grouped within policy domains.
Policies are host-oriented. Even in multi-user environments, all users of a specific host share common settings.
An administrator can create different security policies for each host, or create a single policy for many hosts.
The policy can be distributed over a network to workstations, servers, and security gateways.
With Policy Manager Console, you can:
• Set the attribute values of managed products.
• Determine rights for users to view or modify attribute values that were remotely set by the administrator.
• Group the managed hosts under policy domains sharing common attribute values.
• Manage host and domain hierarchies easily.
• Generate signed policy definitions, which include attribute values and restrictions.
• Display status.
• Handle alerts.
• Handle F-Secure anti-virus scanning reports.
• Handle remote installations.
• View reports in HTML format, or export reports to various formats.
Policy Manager Console generates the policy definition, and displays status and alerts. Each managed host
has a module (Management Agent) enforcing the policy on the host.
Policy Manager Console recognizes two types of users: administrators and read-only mode users.
The administrator has access to the administration private key. This private key is stored as a file, which may
be shared among users with management rights. The administrator uses Policy Manager Console to define
policies for different domains and individual hosts.
In read-only mode, the user can:
• View policies, statistics, operation status, version numbers of installed products, alerts and reports.
• Modify Policy Manager Console properties, because its installation is user-based and modifications cannot
affect other users.
The user cannot do any of the following in read-only mode:
• Modify the domain structure or the properties of domains and hosts.
• Modify product settings.
• Perform operations.
• Install products.
• Save policy data.
• Distribute policies.
• Delete alerts or reports.
There can be only one administrator mode connection to Policy Manager Server at a time. There can be
several read-only connections to Policy Manager Server simultaneously.