The Policies screen allows OneView users to add, edit, or clone global and local security policies and easily apply them to one or more customer sites. This feature helps OneView users globally manage customer sites without configuring security policies for each Nebula platform individually.
Policies page
To view the Policies page in OneView, go to Configure > Policies. This shows a list of your existing policies, which groups and sites they are applied to, and what products are active for each policy. You can use the magnifying glass at the top-right of the screen to search for specific policies in your list. Policies are shown as line items with different columns highlighting specific information. These columns are:
- Name: The name given to the policy. Click the column header to sort policies by alphabetical or reverse alphabetical order.
- Groups: Shows the number of groups this policy is assigned to. Click the group number to view the names of each group using the policy.
- Site restricted: Shows the name of the site this policy is assigned with or displays Global if this is a global-level policy.
-
Protection layers: View enabled or disabled protection layers at a glance directly from the policy page. Click on an OS category to view detailed policy information.
- Additional Protection: Displays paid service and module policy information enabled within the policy.
- Last updated at: Shows the date of the last time a OneView user made edits to this policy. Click the column header to sort policies based on the last time they were updated.
-
Actions: Click the ellipsis icon to choose actions in a drop-down menu. These options are:
- Edit: Click this to edit and configure the policy. Options are the same as adding a new policy.
- Set as default: Click this to set this policy as the Default. We recommend setting a policy to default to help you identify the policy configured for most of your customer sites.
-
Duplicate: Click this to duplicate the existing policy. You must set a new policy name for the duplicate and select whether this is a Global policy or site-specific policy.
Note: Global Admins can clone any policy into a global or site-specific policy. Site Admins and Customer Admins can only clone a policy into a site-specific policy for their assigned sites. - Delete: Click this to delete this policy. A window appears to confirm your choice. You cannot delete the Default policy.
Add Policy
- On the left navigation menu, click Configure > Policies.
- At the top-right, click the plus sign ( + ) to add a new policy.
- Select to create a Workstation or Server policy with the recommended settings. For more information, see ThreatDown recommended policy for OneView.
- Under the Policy name field, add a name for the policy.
- Under Site restriction, select Global (all sites) or select a specific site to assign this policy with.
Note: If you select a specific site and save the policy, this selection is locked and cannot be converted to a Global policy later. - Go through each policy settings tab to enable or disable your desired settings.
- Click Save.
Assign policy to group
Endpoints use the policy of the group they are assigned. After creating a policy, assign it to a group so endpoints in that group can use the policy settings.
- Go to Configure > Groups.
- Click on the group name.
- Select a different policy from the Policy Name drop-down menu.
- Click Save.
To move an endpoint to another group:
- Go to Manage > Endpoints.
- Select the endpoints and select Actions > Move Group.
For more information, see Create and edit groups in OneView.
Adding protection to a policy
When you create a policy in OneView, the protection services enabled are finalized for the calculated billing cost. Enabling additional layers within the policy settings comes with a billing usage change notice that must be confirmed to process the update on the policy. This is to keep you notified of any possible billing changes that come with modifying your policy settings.
Reset a policy to defaults
To revert a policy to our recommended defaults:
- Go to Configure > Policies.
- Click on the policy you want to reset.
- In the top-right corner, click Reset.
- Select one of the options:
- Recommended workstation policy settings: The recommended default policy settings for workstations. For more information, see ThreatDown recommended policy for OneView.
- Recommended server policy settings: The recommended default policy settings for servers. For more information, see ThreatDown recommended policy for OneView.
- Click Reset.