Policy

This is a privilege-based feature: The user can access, view, add, edit, delete, execute, and export only if the administrator has given them privileges. This will be defined under roles and privileges.

What you see on the screen

The ‘Policies’ page displays the complete list of policies available on NCCM. Multiple Filter options and a quick action panel are also available.

Action Icons | Rule Group |

Label

Action

Description

Search for a specific policy using fields like name or description.

The search fields are not case-sensitive and support partial word searches. Enter the search criteria and click SEARCH to retrieve results.

Apply filters based on selected fields and conditions from the dropdown menu.

Fields include Name, Type, Status, and Business Hours. Conditions include "in" or "not in."

Add

Add a new policy to NCCM.

Click to open the form and configure a new policy.

Edit

Modify an existing policy.

Select the policy and click Edit to update its details.

Delete

Remove a policy permanently from NCCM.

Select the policy and click Delete to confirm its removal.

Enable

Activate a policy.

Select the policy and click Enable to make it functional.

Disable

Deactivate a policy.

Select the policy and click Disable to render it inactive.

Once the Rules are added and the Rule Groups are configured, the next step is configuring the policies. Policy configuration includes associating Rule Groups and defining the Policy check timeline.

Add Policy

Internal Policies are known as Baselines, whereas external configurations are known as Compliance. From the Policy page, click to redirect to the Add Policy page. Follow the instructions below to add a new policy.

Policy Information | Add Policy |

Label

Step

Description

Policy Name*

Provide a name for the Policy.

It is recommended that the compliance reference be used as the policy name. This makes the policy easy to identify and relate to. For example, PCI DSS v3.2.

Description

Provide a brief description of the Policy.

As per the, e.g., taken here, PCIDSSv3.2 can be added as a description.

Status

Select Policy Status using the dropdown menu.

Status must be enabled for the Policy to be active.

Visibility

Select whether the Policy Visibility must be Private or Public.

If Visibility is selected as ‘Private’ select the Users and User Groups. multiple users and user groups can be selected.

Rule Group

From the list of Rule Groups, select the rule group to add.

From the list of ‘Unassociated Rule Groups,’ select the ruling group and click > to add to the ‘Associate Rule Groups’ list. < can be used to deselect the Rule Group.

Execution Schedule

Select the Execution schedule using the dropdown menu.

Multiple Execution schedule options are available on NCCM. They are:

Execute Now - To execute the policy run at once.
At—Use the calendar to select the Day, Week, and Month. Select the Time for execution.
After Every—To execute the policy after every configured number of days, hours, or Minutes, select the Time for execution.
Weekly—To run policy checks on the selected day of the week, select the Time for execution.
Daily – To run a daily policy check at the selected time.
Monthly - To run policy checks on selected days and times every month.
Quarterly - To run policy checks on selected days/dates and times of every month.

Policy Start Date

Select Policy Start date using the calendar option.

A policy run will be initiated based on the selected start date.

Policy End Date

Select the Policy End date using the calendar option.

Policy run will be stopped on the End date selected.

Click ‘Ok’ to save the Policy.

Note:

Policy check happens based on the schedule configured in the Policy configuration.
Policy check will start based on the Job start and end date.

PreviousRule Group NextManage Vulnerabilities

Last updated 5 months ago

Was this helpful?