Creating Policies
Policies are created using the Policy Wizard, which guides you step by step through creating a new policy. The steps vary depending on your platform and the policy creation method you select.
Privilege Manager ships with the most commonly used policy templates. The Policy Wizard uses these templates when creating a new policy.
Delinea also provides templates that do not ship with the product, but that can be downloaded via Configuration Feeds from within the Privilege Manager Console. Once downloaded and installed, customers can access those policy templates via Admin | Folders. Here a new policy can be created based on a template from a drop-down list. This policy will have associated targets, filters, and actions set, which can be further customized to cover an organization’s specific needs. Also refer to Configuration Feeds.
The Configuration Process
Regardless of the method used to create a policy, policies follow a configuration process. Review the following information prior to creating and configuring an application policy.
The process must follow these basic steps:
- Collect File Data - This enables Privilege Manager to recognize specific files and file types in your environment. See Collecting File Data. The file data that you want to target with policies is called Events. All imported files can be viewed under File Inventory.
- Assign a Target - The target defines the computer groups where the policy is applied. Computers you want to include in the computer group can be refined by adding filter rules. See Creating Computer Groups.
- Create and Assign Filters - This step sorts important file data (Events) according to different criteria. A filter is made up of specific criteria that Privilege Manager uses to target important file data (or Events) that occur across your environment. An Event in Privilege Manager is any piece of file data or executable on a computer that is targeted by a policy. See Filters. Filters can be further refined using inclusion or exclusion filters. See Using Inclusion and Exclusion Filters.
- Create and Assign Actions - The next crucial step in policy creation is to apply specific actions to your filtered targets. See Actions for the most popular and well-known action categories in Application Control.
- Define Priority - Order your policies based on priority level. Once your policies are created, the order in which they execute across your network matters. See Policy Priority in this guide for more details.
- Customize the Policy - A variety of options are available that allow you to activate and enforce the policy.
Collecting File Data
Before Privilege Manager can do anything else for Application Control, it must be able to recognize files or file types in your environment, such as applications or executables that run. File data can be collected in several ways:
- Event Discovery - Discover active applications on your network by setting up Learning Mode (Monitoring) policies
- File Upload - Directly upload a specific file that you want to target
- Remote File Inventory Task (Windows/macOS) - Scans endpoints directly and imports all file data (both active and inactive files) that exist on the targeted machine(s)