Symantec Security Expressions Server Server User Manual


 
Audit-On-Connect
29
to control how often a system gets audited — as long as a
posture result remains valid, the software won't attempt
to audit a system if it connects to the network again.
Instead, it returns a posture result of Pass.
Cache Fail For
(Audit-On-Connect Only)
Specify how long posture results remain valid when the
system fails an audit based on this policy. This is a way to
control how often a system gets audited — as long as a
posture result remains valid, the software won't attempt
to audit a system if it connects to the network again.
Instead, it returns a posture result of Fail.
Adding Policies
To create a policy:
1. Click Add New on the Policies page.
2. Select a policy file to associate with the policy using one of the following methods.
Upload a policy file – Type the name or Browse for a SIF file. If the SIF
file is encrypted, type a password in the Password box to decrypt it.
Download this file from the Policy File Library – Transfers a copy of a
policy file from the Policy File Library over the network. Click the Choose
button to display a list of the policy files available in the library. Click a
policy file to select it.
This option is available only if the server can access a Policy File Library.
3. Optional: In the Name box, change the name of the policy.
The name of the policy file you selected in step 2 appeared in this box when you selected
it.
4. Optional: In the Description box, type a description of the policy.
5. If you uploaded a policy file that's encrypted, type a password to decrypt it in the
Password box.
Policy files downloaded from the Policy File Library aren't encrypted.
6. If you want the policy to be available to use in audits, check the Make this policy
active box.
Clear the check box to make the policy unavailable to use in audits without deleting the
policy.
7. Check the Policy is kept up to date with Policy File Library box if you want to
regularly update the SIF files in this policy using the policy file library available on line.
This option is available only if the server can access a Policy File Library.
8. If you want the policy to be available to use in self-service audits, check the Available
for use in self-service audits box.
9. Type a name and optional description of the policy.
10. For Audit-On-Connect include the Link Type, Device Type, Posture Condition, Pass
Results Valid For and Fail Results Valid For settings.
11. Set Windows Group Access. Enter Windows groups, separated by a comma, that can use
this policy, remediate audit results generated using this policy, and view audit results for this