User Guide

ICS Dissolvable Agent for SafeGuard Administration Guide

Chapter 4: Administering Security Scanner Policies

If you are creating a rule requiring an anti-virus application, it is recommended

that you require that the application be running, to prevent users from disabling

the application. You should also require that it be modified no more than a week

ago, to ensure that end point computers are getting virus definition updates

regularly. During a virus outbreak, you will want to require that the file be

modified no more than 24 hours ago.

6 Select the action you want ICS to take if the end point user is not in compliance

with this rule.

7 Use the remediation area to specify any information or resources you want to

provide to end point users to help them to become compliant with this rule.

8 Click Save Rule.

Custom Group Rules

Use custom group rules to group together custom application enforcement rules. End

point computers have to be compliant with at least one rule in the group. For example,

you may want to make a rule group that requires a certain security patch or a certain

service pack, if having either one would fulfill your organization’s security requirements.

Creating Custom Group Rules

To Create a Custom Group:

1 Log into the ICS Administrator Console and click Enforcement Rules.

2 On the Enforcement Rules page click New Rule and choose Custom Group.

3 Enter a Name and a Description for the rule.

4 Choose the enforcement rules you want to include in the group.

End point users will have to be compliant with at least one of these rules. You can

only add custom application rules to a group rule.

5 Select the action you want ICS to take if the end point user is not in compliance

with this rule.

NOTE: To obtain the checksum for your custom application, run

the ICSInfo utility included with Integrity Clientless Security on

your reference computer. For more information, see Obtaining

Application Checksums on page 41.