Updated on 2024-09-23 GMT+08:00

Creating a Custom Policy Group

For premium and container editions, you can copy a policy group and customize it as required to meet server security requirements in different application scenarios.

Creating a Custom Policy Group

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
  3. In the navigation tree on the left, choose Security Operation > Policies. On the displayed page, Policy group parameters describes the fields.

    If your servers are managed by enterprise projects, you can select an enterprise project to view or operate the asset and scan information.

    Table 1 Policy group parameters

    Parameter

    Description

    Policy Group

    Name of a policy group The preset policy group names are as follows:

    • tenant_linux_advanced_default_policy_group: preset policy of the Linux professional edition, which can only be viewed but cannot be copied or deleted.
    • tenant_windows_advanced_default_policy_group: preset policy of the Windows professional edition, which can only be viewed but cannot be copied or deleted.
    • tenant_linux_container_default_policy_group: preset Linux policy of the container edition. You can copy this policy group and create a new one based on it.
    • tenant_linux_enterprise_default_policy_group is the default Linux policy of the enterprise edition. This policy group can only be viewed, and cannot be copied or deleted.
    • tenant_windows_enterprise_default_policy_group: preset Windows policy of the enterprise edition. This policy group can only be viewed, and cannot be copied or deleted.
    • tenant_linux_premium_default_policy_group: preset Linux policy of the premium edition. You can create a policy group by copying this default group and modify the copy.
    • tenant_windows_premium_default_policy_group: preset Windows policy of the premium edition. You can create a policy group by copying this default group and modify the copy.
    • wtp_ServerName is a WTP edition policy group. It is generated by default when WTP is enabled for a server.

    ID

    Unique ID of a policy group

    Description

    Description of a policy group

    Supported Version

    HSS edition supported by a policy group.

    Supported OS

    OS supported by the policy.

    Associated Servers

    To view details about the servers associated with a policy group, click the number in the Servers column of the group.

  4. Select a premium or container edition policy group and click Copy in the Operation column of the policy group.
  5. In the dialog box displayed, enter a policy group name and description, and click OK.

    • The name of a policy group must be unique, or the group will fail to be created.
    • The policy group name and its description can contain only letters, digits, underscores (_), hyphens (-), and spaces, and cannot start or end with a space.

  6. Click OK.

    After a policy group is created, you can configure rules for each policy in the policy group. For details, see Configuring Policies.

Follow-up Procedure

After creating a policy group and configuring policies, you can apply the new policy group to servers. For details, see Deploying a Protection Policy.