Symantec Security Expressions Server User Manual

SecurityExpressions Server User Guide

56

Description

Optional statement about the policy.

Policy File

Name of the policy file (.sif), from the policy file library or

a customized policy file.

Last Updated

Date and time the policy file was last saved to the

database.

Configure

Some policy files, such as the NSA Guidelines for Windows

XP and Windows 2000, contain a special rule named

.CONFIGURE. The .CONFIGURE rule allows you to

configure your policy files and set global parameters for
policy files at run time. This column shows whether or not

the policy file contains the .CONFIGURE rule.

Certain information is unique and distinct between

systems or groups of systems. A run-time policy variable

allows administrators to use a single policy file but allows

identification of unique rules that require variable
information.

Windows Group Use Access

Specify the Windows User Groups who can use this policy,

if you want to restrict access to this policy. Displays

"Everyone" if the policy isn't restricted.

Windows Group Remediation

Access

Specify the Windows User Groups who can remediate

audit results generated using this policy, if you want to

restrict access to remediation through this policy. Displays

"Everyone" if remediation through this policy isn't
restricted.

Windows Group Results Access

Specify the Windows User Groups who can access results

from audits that used this policy, if you want to restrict

access to this policy's audit results. Displays "Everyone" if
the policy's audit results aren't restricted.

Use on Link Type

(Audit-On-Connect only)

Specify whether to run this policy over fast or slow

connections, or both kinds. Some policies might not be

appropriate to run over slow connections if they request a
large amount of data. For example, applying large policy

files like MS Fixes over a slow network connection, such

as a 56K modem, can take a long time.

Device Types

(Audit-On-Connect only)

Audit with this policy on these device types. Choices

include Windows, UNIX, and Unknown.

Posture Condition (Fail If)

(Audit-On-Connect only)

The rules for determining if the resulting posture after

auditing with this policy is Pass or Fail. The posture is
based on all policy-file rule results (OK, Not OK), plus

impact and priority settings. Available posture conditions

are:

• Always Pass

• Any Fail

• Any Not OK

• Any Not OK with Priority

• Any Not OK with Score

• Any Not OK with Impact

• Any Not OK with Key

Cache Pass For

(Audit-On-Connect Only)

Specify how long posture results remain valid when the

system passes an audit based on this policy. This is a way
to control how often a system gets audited — as long as a