Creating and Viewing Enforcement Policy for Nodes

Enforcement Policies work in a similar fashion to sorting in a mail room. All Nodes flow through a Priority List of Enforcement Policies to decide how much access they are allowed and which Groups they fit into. (When creating custom Enforcement Policies, or re-arranging your Enforcement Policy list, two Enforcement Policies are required to stay where they are)

  • Blocking Exceptions: A custom Enforcement Policy cannot be placed above the Blocking Exceptions, or the Exceptions will not be properly applied
  • Default Policy: A custom Enforcement Policy cannot be placed below the Default Policy, as these are the bottom baselines for Enforcement

To Create An Enforcement Policy

  1. Go to Policy in the top panel
  2. Go to Policy > Enforcement Policy in the left Policy panel
  3. Click Tasks > Create
  4. Action tab click Next
  5. General tab create an ID and enter brief Description to identify what the Policy does (Priority stays as default. Status should be Enabled) Click Next
  6. Node Group tab select the Node Group that was created, move to Selected section and click Next
  7. Permission tab select Available Permission and move to Selected and click Next
  8. Redirection tab is optional to set CWP and Switch Block options. Click Next
  9. Agent Action tab is optional to add Agent Actions
  10. Click Finish

Viewing Enforcement Policy Utilization

Widgets displaying enforcement stats can be viewed by clicking Policy from the top panel and then selecting Policy > Enforcement Policy from the left Policy panel.

The two widgets displayed are:

  • Sensor Operation Mode Status Statistics: Shows how many Sensors are Up and how many are in Monitoring or Enforcement Sensor Operating Mode
  • Nodes Denied Status: Shows percentage of nodes denied out of all detected nodes

To See Enforcement Status on Node Management Page

The Enforcement Status of a Node can be found by on the Node Management page, which can be viewed from the top panel by clicking Management > Node

  • Enforcement Policy Column: Shows which Policies are being enforced on that Node. If a Node has a Policy listed in Orange, that means that node is currently Blocked because it is not compliant with that Policy.

To Group by Enforcement Policy

Go to the Status & Filters window in the bottom left corner of the Node Management page. Select from the options under Enforcement Policy.