User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherOMNIVISTA SAFEGUARD MANAGER

101

102

103

104

105

106

107

108

109

110

OmniVista SafeGuard Manager Administration Guide

109

Chapter 5: Device Configuration

Policies

Policies are the rules that govern user access and resources. Policies are used to establish

the boundaries and enforce a security philosophy for these users and resources.

OmniVista SafeGuard Manager supports the following policies:

■ Malware policies—Specify how the infection is handled when SafeGuard detects

malware on the host. These policies allow you to set how little or how much

access a user or an application can have on the network when an infection is

suspected.

You can set up malware policies to block the infected user or application, or allow

the end device to communicate to an IT server or Internet website for automatic

upload of the most recent anti-virus software or OS patch. When the infection is

specific to a particular application, malware policies allow traffic from other

applications to continue unimpeded.

■ User policies—Allow user access to network resources and applications based on

the authentication state of the user. When a user logs on to the network, the

machine starts authentication using the username, password credentials, IP

address, MAC address, authentication state, and user role. Using a set of

configured role mapping rules and information intercepted from the

authentication server, a user role is derived for the user. The system uses the role

and the configured role mapping rules. Using a role hierarchical system, it applies

all of the policies or rules for that particular user based on the user role. A user role

is a designation for the user, usually a job classification such as a software

engineer.

Each policy comprises of multiple rules (filters), which is how the traffic is

matched. A rule has two parts: a filter and an action. When a filter condition is

true, its action might be to allow access or deny access to a resource. For example,

all engineers might be allowed access to the engineering servers but restricted

from accessing Finance or Human Resources servers.

■ System policies—SafeGuard has a set of default policies and roles that are

primarily used by internal routines. These policies cannot normally be configured

by the user.

■ Override policies—Policies that take precedence over system policies. In the rare

case where it is necessary to temporarily override a system policy, create an

override policy. These policies have a higher ranking than system policies and are

executed after malware policies

■ EPV policies—EPV helps ensure that a user’s system and virus software are kept

up-to-date. End point Posture Verification (EPV) is a component of SafeGuard OS

that validates software compliance. EPV policies are the mechanisms that control