Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


What Are Policy Rules?

A policy rule is a statement that gives you options to allow, deny, apply an encryption key, and audit access attempts on a GuardPoint based on a combination of 6 criteria. The policy rules are analyzed in descending order, similar to firewall rules, which means the order of these rules is important. 


Create a Policy with Security Rules

  1. Log into your DSM as the Security Administrator. 
  2. In the menu bar, click Policies



  3. Click Add Online Policy
  4. In Name, enter a descriptive name. 
    • Once you enter a name for a policy, you cannot change it. 
  5. In Description, enter a short description to help identify the purpose of this policy, such as Database_Policy. 
    • You can change this description at a later time. 
  6. (Optional) Select Learn Mode
    • Armor recommends that you select Learn Mode when you create and apply a new policy. 
    • The cloning feature allows you to create an identical policy for future GuardPoints that require the same access rules.
    • To learn more about Learn Mode, see Create a starter policy with learn mode.
  7. Under Security Rules, click Add



  8. In the window that appears, there are six options: 
    • Resource - Specifies which folders or files in a GuardPoint can be accessed. 
    • User - Specifies the users or user groups that can access the GuardPoint.
    • Process - Specifies the executables that can access the GuardPoint, such as usr/lib/exec/mysql.exe.
    • When - Specifies the date and time range when files can be accessed.
    • Action - Specifies the allowed file action, such as read, write, remove, rename, make directory, etc.
    • Effect - The following options correspond to Effect
      • Permit - Permits access to the data.
      • Apply Key - Enables users and processes the ability to encrypt and decrypt data inside of the GuardPoint.
      • Audit - Creates an entry in the DSM message logs that describes what data is being accessed, when the attempt was made, and the security rule being applied. 
      • Deny - Denies access to the data. You can also deny users or processes by simply leaving them out of the policy rules. 





        Note

        A blank field indicates the value of All.

        Also, note the policy rules are read in a descending order, similar to firewall rules.

  9. To learn more about each of these options, continue to the appropriate section below. 

...