2.5.4.1. Creating a Policy¶
Create a policy to apply to the agent / In the case of using unauthorized program measures
Create a separate policy for each individual server.
Create a group for each server application and type, manage multiple servers in groups, and create policies.
Merit |
|
---|---|
Demerit |
|
2.5.4.1.1. Create a policy to apply to the agent¶
- Select the Policies tab at Menu tabs, then click Policies at the left pane. So the following screen will display as below:
- Right-click a specific policy in the displaied pain, then click Duplicate from the Menu, as below:
- As pictured below, the duplicated policy will display as "Windows Server 2008 ('OS Version')_2" .
- Right click on the duplicated policy and select "Details" from the menu.
- Set up the following items.
Select On or OFF for respective functions.
make sure to select the Base OS.
The Base OS Name will become a Management Name of a policy. We recommend you name it for easily managing.
You can make advanced settings for each function by opening the items displayed in the pane.
- Click Save as below:
- Once the newly duplicated OS has been created, the following picture will display. So, if Windows Server 2008 ('OS version')_2 displays just directly under the base OS (Windows Server 2008 ) at the pane, at "Inherited", you have successfully duplicated one.
2.5.4.1.2. In the case of using unauthorized program measures¶
2.5.4.1.2.1. Specifying the Base Policy¶
2.5.4.1.2.2. Setting up Respective Scans¶
- From the properties of the created policy, click "Anti-Malware" in the pane.
- Please select a scan to configure.
- "Inheritance" should be turned off.(When it is turned on, the setting change contents of the parent policy will be inherited. Please decide whether or not to inherit the setting according to the customer setting policy.)
- Select New in the relevant scan settings lists, as below:
- If New Malware Scan Configuration display, you need to input the respective setting values.
- In "Name", describe the policy name and management name that uses this setting value, and in the description, management information etc. It will be easier to manage if the purpose (real time, reservation etc) is described in the name.
- "Scan Settings" allows you to set up directories and files to scan. If you scan directories and file extensions, you need to create respective lists after selecting items.
- Double-click Exclusions, set up scan exclusions.Tick to the relevant item check box to set up as a search exclusion. Finally select "New" from the list.
- After the search exclusion setting property has displayed, input the same value as the default setting valu, then click "OK".
- In "Name", describe the policy name and management name that uses this setting value, and in the description, management information etc. It will be easier to manage if the purpose (real time, reservation etc) is described in the name.
- Please write down the search exclusion settings, referring to "Support Format". For further details, please verify details at online help.
- Click the "Option" tab to set up the "Search".
- Change the search settings in "General Options". It is desirable to change the setting according to the environment and operation.
- When a Alert is notified in an event occurance, mark to the checkbox of "When on, this malware scan configuration logs an event", at Alert as below: