Versions Compared

Old Version 61

changes.mady.by.user Former user

Saved on

compared with

New Version 62

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This topic explains your options for creating Vormetric policy rules and how to configure these rules in your DSM (Data Security Manager). These rules will determine who or what has access to your encrypted data.

...

Widget Connector
urlhttps://www.youtube.com/watch?v=FXRih1bzZaQ

...

Before you begin, you must:

...

A policy rule is a statement that gives you options to allow, deny, apply an encryption key, and audit access attempts on a GuardPoint based on a combination of 6 criteria. The policy rules are analyzed in descending order, similar to firewall rules, which means the order of these rules is important. 

...

  • Once you enter a name for a policy, you cannot change it. 

...

  • You can change this description at a later time. 

...

  • Armor recommends that you select Learn Mode when you create and apply a new policy. 
  • The cloning feature allows you to create an identical policy for future GuardPoints that require the same access rules.
  • To learn more about Learn Mode, see Create a Starter Policy with Learn Mode.

...

Note

A blank field indicates the value of All.

Also, note the policy rules are read in a descending order, similar to firewall rules.

...

titleRule Criteria (Resource)

This topic explains how to create a new Resource Set. 

...

Note

When specifying a resource, do not use Select a Host or the Browse function to designate a directory path. This feature automatically puts the full path of the resource in the Directory field. This action will cause the rule to be analyzed incorrectly.

Also, by default, the Include Sub-Folders is selected. This option permits access to any sub-folders beneath the specified resource. If necessary, you can unmark this option.

...

titleRule Criteria (User) 

This topic explains how to create a new User Set. This option allows specific, authorized users or user groups to access a GuardPoint. 

...

titleRule Criteria (Process) 

This topic explains how to create a Process Set. This option allows a path or paths and their executables to access a GuardPoint. 

...

titleRule Criteria (Time) 

This topic explains how to create a Time Set. This option allows or denies access to a guarded folder based on a configured day and time.

...

titleRule Criteria (Action) 

This topic explains how to create an Action Set. This option allows you to limit the type of actions a user or process (with permitted access) can execute in a GuardPoint.   

...

titleRule Criteria (Effect) 

The Effect field must be completed; this is the only mandatory field to complete in order to create a policy rule.

The Effect field will either permit or deny access, and additionally, determine if the rule should be audited or if the encryption key will be applied.

The following table shows the available options:

...

Denies access to the data.

...

Creates an entry in the Message Log that describes:

  • What data was accessed
  • When the data was access
  • The applied security rule

Image Removed

...

Was this helpful?