|
|
What happens when a new version of policy is available in the Policy Library? |
|
Go to PC > Policies > New > Policy. Then choose one of these options: 1) start with an empty policy and build it from scratch, 2) create a policy based on scan data from an existing host, 3) import a policy from our Library or 4) import a policy from an XML file. We'll walk you through the steps.
By default your new policy will be active, which means it is available for scanning and reporting from the time it is created. To create an inactive policy, simply clear the "Activate this policy" check box and the new policy will be saved as inactive. It’s easy to activate it at a later time.
Want help configuring your policy? See Using the Policy Editor.
Policies are always evaluated when new scan results are processed for hosts in your policy. You can also start policy evaluation when saving changes to a policy by clicking Evaluate Now before clicking Save. You can also evaluate policies anytime by clicking Evaluate from the policies list. You can see the date and time of the last policy evaluation in the preview pane of the policies list.
It is recommended to click Evaluate Now while saving a policy after making any changes that impact the posture, such as:
- Adding or removing controls
- Adding or removing a technology at the policy or the control level
- Adding or removing an asset group
- Updating an expected value
Failing to click Evaluate Now might result in inconsistent posture data. This is because the posture data for assets associated with removed controls, technologies, or asset groups may not be deleted immediately. The data is deleted when the policy evaluation takes place during the next scan or policy processing triggered by a change in the asset group or UDC.
Yes, by exporting a compliance policy to XML or CSV, you can easily share the policy with other users. Users can import policies that are in XML format into their subscription. Learn more
Our library includes locked policies for testing compliance against specific CIS benchmarks. These policies have been reviewed and certified by CIS (the Center for Internet Security). When a policy is locked, you can add hosts to the policy but you can't make any other edits. (Tip - During the import you'll have the option to import the locked policy as unlocked. This lets you remove the editing restrictions.)
This prevents others from editing it. Policies locked by a user can be easily identified by this icon Learn MoreLearn More
- Locked policies cannot be edited, however they are still available for reporting. Policies must be unlocked to enable editing.
- Only Managers and Unit Managers have permission to lock a policy.
- Managers can unlock any policy, but Unit Managers can unlock only the polices locked by them.
- Policies that are locked while importing and SCAP policies cannot be locked or unlocked.
Tell me the steps. Go to your policies list and choose the action you want to take from the Quick Actions menu - Lock or Unlock. Use the Actions menu to take action on multiple policies in one go. Tip - You can also do this from within the Policy Editor.
When you delete a policy, the policy will no longer be available for scanning and reporting. For compliance policies, any exceptions created for the policies will also be deleted. For SCAP policies, results for scans run with the policies will be deleted. Once a policy is deleted it is not recoverable. You may consider deactivating a policy instead of deleting it.
To proceed with deleting a policy, go to PC > Policies and select the policy you want to delete. Then choose Delete from the Actions menu above the list. When the confirmation window appears, choose Delete again to proceed.
The older version will be removed from the Policy Library and the newer version will be available for import to your subscription. Note that any policies already imported to your subscription will remain in your subscription unless removed by a user. To view and select policies from our Library, go to PC > Policies > New > Policy > Import from Library.
You can easily identify the policy status by the following icons: means Active Policy and means Inactive Policy.
Go to PC > Policies and identify the policy you want to deactivate. Then choose Deactivate from the Quick Actions menu. Tip - You can also deactivate the policy from within the Policy Editor.
Posture evaluation will not take place for the policy. The policy will be hidden from your dashboard, reports and exceptions. The policy will be removed from compliance scorecard reports and from option profiles (with the Scan by Policy option enabled). Any policy report schedules for the policy will also be deactivated.
Go to PC > Policies and identify the policy you want to activate. Then choose Activate from the Quick Actions menu. Tip - You can also activate the policy from within the Policy Editor. By default, any new policy is marked active.
Posture evaluation will resume and the policy will be available again for scanning and reporting. You’ll need to manually re-activate the report schedules however the policy will be pre-selected for you. You need to also add the policy back to your scorecard reports and option profiles, manually.