Updated on 2024-07-12 GMT+08:00

Creating a Policy Group

You can create a policy group to perform specific, in-depth scan on certain servers.

Prerequisite

The premium edition has been enabled.

So far, you can create a policy group only in the premium edition. If the premium edition is not enabled for a server, the policy group you create for it will not take effect.

Creating a Policy Group

The following uses a Linux server policy in the premium edition as an example:

  1. Log in to the management console.
  2. Click in the upper left corner of the page, select a region, and choose Security > Host Security Service.
  3. In the navigation tree on the left, choose Security Operations > Policies to check the displayed policy groups. For more information, see Table 1.

    • tenant_linux_advanced_default_policy_group: preset policy of the Linux professional edition, which can only be viewed but cannot be copied or deleted.
    • tenant_windows_advanced_default_policy_group: preset policy of the Windows professional edition, which can only be viewed but cannot be copied or deleted.
    • tenant_linux_container_default_policy_group: preset Linux policy of the container edition. You can copy this policy group and create a new one based on it. tenant_linux_enterprise_default_policy_group is the default Linux policy of the enterprise edition. This policy group can only be viewed, and cannot be copied or deleted.
    • tenant_windows_enterprise_default_policy_group: preset Windows policy of the enterprise edition. This policy group can only be viewed, and cannot be copied or deleted.
    • tenant_linux_premium_default_policy_group: preset Linux policy of the premium edition. You can create a policy group by copying this default group and modify the copy.
    • tenant_windows_premium_default_policy_group: preset Windows policy of the premium edition. You can create a policy group by copying this default group and modify the copy.
    • To refresh the list, click in the upper right corner.
    • To view details about the servers associated with a policy group, click the number in the Servers column of the group.
    Table 1 Policy group parameters

    Parameter

    Description

    Policy Group

    Name of a policy group

    ID

    Unique ID of a policy group

    Description

    Description of a policy group

    Supported Version

    edition supported by the policy group

    Supported OS

    OS supported by the policy

    Associated Servers

    Number of servers associated with the policy

  4. Locate the policy group tenant_linux_premium_default_policy_group or tenant_windows_premium_default_policy_group and click Copy in the Operation column of the policy group.

    The following uses a Linux policy group as an example.

  5. In the dialog box displayed, enter a policy group name and description, and click OK.

    • The name of a policy group must be unique, or the group will fail to be created.
    • The policy group name and its description can contain only letters, digits, underscores (_), hyphens (-), and spaces, and cannot start or end with a space.

  6. Click OK.
  7. Click the name of the policy group you just created. The policies in the group will be displayed.
  8. Click a policy name and modify its settings as required. For details, see Editing a Policy.
  9. Enable or disable the policy by clicking the corresponding button in the Operation column.

Follow-up Operations

Deleting a policy group

After a policy group is deleted, the Policy Group column of the servers that were associated with the group will be blank.

  1. Go to the policy list. Delete one or multiple policies.

    You can click Delete in the Operation column of a policy group to delete it.

    You can also select multiple policy groups and click Delete above the list to delete them in batches.

  2. In the displayed dialog box, click OK.