Creating a Custom Policy Group

Scenario

For premium and container editions, you can copy a policy group and customize it as required to meet server security requirements in different application scenarios.

Creating a Custom Policy Group

1. Log in to the management console.
2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > Host Security Service.
3. In the navigation tree on the left, choose Security Operation > Policies. On the displayed page, Policy group parameters describes the fields.

   Table 1 Policy group parameters

   Parameter	Description
   Policy Group	Name of a policy group The preset policy group names are as follows: tenant_linux_advanced_default_policy_group: preset policy of the Linux professional edition, which can only be viewed but cannot be copied or deleted. tenant_windows_advanced_default_policy_group: preset policy of the Windows professional edition, which can only be viewed but cannot be copied or deleted. tenant_linux_container_default_policy_group: preset Linux policy of the container edition. You can copy this policy group and create a new one based on it. tenant_linux_enterprise_default_policy_group is the default Linux policy of the enterprise edition. This policy group can only be viewed, and cannot be copied or deleted. tenant_windows_enterprise_default_policy_group: preset Windows policy of the enterprise edition. This policy group can only be viewed, and cannot be copied or deleted. tenant_linux_premium_default_policy_group: preset Linux policy of the premium edition. You can create a policy group by copying this default group and modify the copy. tenant_windows_premium_default_policy_group: preset Windows policy of the premium edition. You can create a policy group by copying this default group and modify the copy. wtp_ServerName is a WTP edition policy group. It is generated by default when WTP is enabled for a server.
   ID	Unique ID of a policy group
   Description	Detailed description of a policy group.
   Supported Version	HSS edition supported by a policy group.
   Supported OS	OS supported by a policy group.
   Associated Servers	To view details about the servers associated with a policy group, click the number in the Servers column of the group.

4. (Optional) If you have enabled the enterprise project function, select an enterprise project from the Enterprise Project drop-down list in the upper part of the page to view its data.
5. Select a premium or container edition policy group and click Copy in the Operation column of the policy group.
6. In the dialog box displayed, enter a policy group name and description, and click OK.
   • The name of a policy group must be unique, or the group will fail to be created.
   • The policy group name and its description can contain only letters, numbers, underscores (_), hyphens (-), and spaces, and cannot start or end with a space.

7. Click OK.

   After a policy group is created, you can configure rules for each policy in the policy group. For details, see Configuring Policies.

Follow-up Procedure

After creating a policy group and configuring policies, you can apply the new policy group to servers. For details, see Deploying a Protection Policy.