Creating and installing a policy and policy rules

Use the Policy Builder for Data to manage policies and policy rules.

About this task

The Policy Builder for Data provides a single solution for creating and modifying policies, policy rules, and policy rule actions. This procedure describes an end-to-end workflow for creating and installing a policy.

Note: After you update a policy (for example, by changing group members, policy rules, or actions), you must reinstall the policy. You can either reinstall the policy on a managed unit, or select Policy installation schedule from the configuration profile. Use the Policy installation schedule to schedule a distribution that pushes the policy from the central manager to specified managed units. For more information, see Working with configuration profiles.
Important: Policies that are installed from the central manager to an aggregator might appear in the aggregator UI as not installed because you cannot install policies on an aggregator. To determine whether a policy is installed, run the list_installed_policies API or check the Policy Builder for Data page for each aggregator.

Procedure

  1. Navigate to Protect > Security Policies > Policy Builder for Data.
  2. Create a policy or clone an existing policy or policy template.
    • To create a new policy, click the new icon.
    • To clone an existing policy, select an existing policy or policy template from the Security Policies window and click the copy icon.
      Tip: Guardium provides templates of predefined policies that you can use to build similar policies. Clone the [template] version and customize it as needed.
    1. From the Name and properties ribbon of the Create New Policy page, specify a policy Type and policy Name.
      Note: The policy name must not exceed 255 characters.
    2. Optional: For data-security policies, specify additional settings.
      • Use the Category field to provide an arbitrary label for grouping policy violations for reporting purposes. The category that is specified here is used as the default category for each rule and can be overridden in individual rule definitions.
      • Click Show advanced options to work with the following settings:
  3. Click the Rules ribbon to begin working with policy rules.
    • To create a new rule, click the new icon.
    • To clone a rule, select an existing rule and click the copy icon.
    • To edit a rule, select an existing rule and click the edit icon.
    1. From the Rule definition ribbon of the Create New Rule window, specify a Rule type and Rule name.
      Note: The rule name must not exceed 255 characters.
      For access and exception rules, optionally specify Category and Classification values for reporting purposes, and define the rule Severity.
    2. Click the Rule criteria ribbon and begin defining rule parameters and values.
      Some rule criteria are only available for specific rule types or are only available after other criteria are defined. The policy builder manages these dependencies for you: criteria are available for use only in valid contexts.
      • Use the menus to select individual parameters and define selection operators before you specify values or groups to match.
      • Use the add and remove icons to add or remove criteria from the rule.
      For more information about rule criteria, see Rule definition fields and Values and groups of values in rules.
    3. Optional: After defining criteria on the Rule criteria ribbon, select the Continue to next rule checkbox.
      Use this setting in cases where it is necessary to take multiple actions for the same or similar conditions. For more information, see Continue to next rule.
    4. Click the Rule action ribbon to begin working with rule actions.
      • To create a new rule action, click the new icon and select an action. If further configuration is required, use the Add New Action window to define the action.
      • To edit a rule action, select an existing action, click the edit icon, and use the Edit Action window to update the rule action configuration.
      For more information about available actions, see Policy rule actions.
    5. When you finish defining the rule, click OK to return to the Rules ribbon.
      Continue creating, cloning, and editing rules as needed.
  4. When you finish defining the policy and its rules, click OK to save the policy and return to the Security Policies table.

What to do next

To install policies, select a policy from the Security Policies window and click Install > Install. Select the Installation action you want and click OK to install the policy. Installed policies are indicated by a check mark in the Installed column.

You can also install policies by using Protect > Security Policies > Policy Installation. For more information, see Using the Policy Installation tool.