.svg?alt=media&token=53895a79-2463-405c-8911-8e2f8eb3dc06)
Rule Group
The Rule Group is a collection of predefined or newly added rules in NCCM designed to meet specific compliance or operational requirements. While rules define conditions to be checked, a Rule Group allows users to configure device ranges, applicable vendors, and operating systems to which the rules will apply.
Creating a Rule Group involves specifying devices, vendors, and OS versions and associating relevant rules to perform compliance checks. Access to Rule Groups is privilege-based, meaning only users assigned appropriate roles and permissions by the administrator can view, add, edit, delete, execute, or export Rule Groups.
What you see on the screen
The Rule Group page displays a comprehensive list of all the Rule Groups in NCCM, along with options for filtering and performing quick actions. Below are the available action icons and their descriptions:
Action Icons | Rule Group |
Label
Action
Description
Search
Locate a specific Rule Group using fields like name, vendor, description, etc.
The search is not case-sensitive and supports partial word matches. For instance, searching for "Net" will return results like "Network."
Filter
Apply filters based on specified fields and conditions from the dropdown menu.
Fields include Name, Description, Vendor, OS Name, and Status. Conditions include: in, not in, equal to, not equal to, contains, and does not contain.
Add
Create a new Rule Group in NCCM.
It opens a window to define a new Rule Group by configuring devices, vendors, OS, and associated rules.
Edit
Modify the details of an existing Rule Group.
Click Edit on a selected Rule Group to make changes. Once updated, click Save to apply the changes.
Permanently remove a Rule Group from NCCM.
Select a Rule Group and click Delete to confirm and remove it from the system.
Activate a Rule Group to make it functional.
Enabled Rule Groups are applied to compliance checks.
Disable
Deactivate a Rule Group to make it dormant.
Disabled Rule Groups will no longer perform checks until re-enabled.
Add Rule Group
Click on the (+) plus icon from the ‘Rule Groups’ home page to navigate to the ‘Add Rule Group’ page.
The Rule Group configuration involves defining its basic details, such as visibility, associated devices, vendors, and operating systems, followed by selecting and adding specific rules to the group to establish the conditions and checks to be applied.
Rule Information | Add Rule Group |
Label
Action
Description
Name
Provide a name for the Rule Group.
It is recommended that the compliance reference be used as the Rule Group name. This makes the Rule Group easy to identify and relate to, such as PCI DSS v3.2.
Description
Provide a brief description of the rule Group.
As per the, e.g., taken here, PCIDSSv3.2 can be added as a description.
Status
Select Rule Group Status using the dropdown menu.
Status must be enabled for the Rule Group to be active.
Visibility
Select whether the Rule Group Visibility must be Private or Public.
If Visibility is selected as ‘Private’, select the Users and User Groups. multiple users and user groups can be selected.
Vendor
Select Vendor using the dropdown menu.
Select the Vendor to whom the above devices belong using the dropdown menu.
OS Name
Select the OS using the dropdown menu.
Select the OS of the selected devices using the dropdown menu.
Asset Tags
Select Asset Tags using the dropdown menu.
Select the Device Groups using the dropdown menu based on the IP addresses added above.
IP Address Range
Input the IP address or the IP address range applicable to this rule group.
Rule Group Check would be performed on only those devices added here.
Exclude IP Address
Provide IP or IP range to be excluded from the Rule Group
Select the OS using the dropdown menu. Either the complete IP address or the Hostname can be provided.
Associated Rule
Select a rule using the dropdown menu.
Select the rule and click ‘Add’ to add. multiple rules can be added by repeating the same step.
Once all the rules are added, click ‘Save’ to save the Rule Group.
Note: If Rule expects a Runtime parameter (Variable parameter), NCCM will take the parameter input during Rule selection (while adding Rule Group).
Last updated