User Guide
OmniAccess SafeGuard OS Administration Guide
316
Chapter 7: Establishing a Security Policy
The following example assigns the policy, sw_engineering_policy, as a major severity:
(SafeGuardOS) (config) # policy user sw_engineering_policy
(SafeGuardOS) (policy-user) # severity major
(SafeGuardOS) (policy-user) #
The severity of the policy does not influence the order in which policy is assigned. The
order is specified by precedence number.
Adding a Category
A policy can be optionally designated in a certain category as a method of controlling
applications or of controlling resources. If the log option is specified in rules, this
information displays in OmniVista SafeGuard Manager. Add this optional parameter
using the following command:
category [ApplicationControl | ResourceAccess | string]
The following example assigns the policy, testbed_policy, as being under resource
control:
(SafeGuardOS) (config) # policy user testbed_policy
(SafeGuardOS) (policy-user) # category ResourceAccess
(SafeGuardOS) (policy-user) #
Configuring the Rules
For each rule we need to define a filter and an action to execute. The overall syntax of a
policy filter is:
info
Indicates an informational severity and the message
displays in white
.
major
Indicates a major severity and the message displays
in orange
.
minor
Indicates a minor severity and the message displays
in yellow
.
Syntax Description ApplicationControl
Indicates that the policy is being used to
control applications
.
ResourceAccess
Indicates that the policy is being used to
control resources
.
string
Indicates a custom use of the policy.