From the OfficeScan console:
Cisco NAC > Policy Servers > Policy Server Summary screen > Policies link
From the Policy Server console:
Summary > Policies link
Configurations > Policies
Policies include rules. Assign one policy to each registered OfficeScan server on your network for both outbreak mode and normal mode. After configuring new rules or ensuring that the default rules are suitable for your security enforcement needs, configure policies that registered OfficeScan servers can use (see Policy composition for detailed information on policies).
To add a policy, click Add. The New Policy screen appears.
To edit a policy, click a policy name. The Edit Policy screen for that policy appears.
Note: You cannot delete policies currently in use. They appear with the icon.
Next to Policy name and Description, type a name to represent the policy and an optional description.
Under Rules, select which existing rules will compose this policy. Existing rules appear in the Rules available column. The Policy Server enforces rules in the order that they appear in the Rules in use column.
Note: If there are no matches to the criteria of a rule, the Policy Server continues to the next rule.
To move rules between the Rules Available and Rules in use columns, click a rule and then click either or .
To change the order of the rules in use, click the rule and then click either or .
Under Default Response, select a response for the Policy Server to return if none of the rules returns a response:
Healthy
Checkup
Infected
Quarantine
Unknown
Note: You cannot add or delete items from the Default response list.
Under Server-side actions, select the Log this incident if all criteria matched check box to have the Policy Server log this incident (see Viewing Client Validation Logs for more information on logs).
Under Client-side actions, select from among the following options for OfficeScan clients if all policy criteria match:
Enable Real-time Scan
Update components
Scan after enabling Real-time scan or after an update
Perform Cleanup Now: Select to run Damage Cleanup Services
Perform Cleanup Now and Scan Now: Select to have the client automatically run Damage Cleanup Services and Scan Now
Note: Real-time Scan must be running on clients to perform Scan Now.
Display notification message on client computer (Maximum of 200 single-byte characters)
Click Save.
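The rule-ordering behavior described under Rules and Default Response can be modeled as a first-match evaluation. The following is an added example, not code from the product or its vendor. The rule names, the client fields (realtime_scan, virus_detected) and the use of the Default Response values as rule responses are assumptions made for illustration. It shows that the same two rules produce different responses for the same client depending on their order in the Rules in use column.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

# Responses listed under Default Response on this page.
RESPONSES = ("Healthy", "Checkup", "Infected", "Quarantine", "Unknown")


@dataclass(frozen=True)
class Rule:
    name: str
    matches: Callable[[dict], bool]  # hypothetical stand-in for rule criteria
    response: str  # assumption: rules return values from the same list


@dataclass
class Policy:
    rules_in_use: List[Rule]  # order matters: the first rule is checked first
    default_response: str

    def __post_init__(self) -> None:
        # The Default Response list is fixed; items cannot be added or deleted.
        if self.default_response not in RESPONSES:
            raise ValueError(f"unsupported default response: {self.default_response}")

    def evaluate(self, client: dict) -> Tuple[str, Optional[str]]:
        """Return (response, matching rule name), or (default, None)."""
        for rule in self.rules_in_use:
            if rule.matches(client):
                return rule.response, rule.name
            # No match: continue to the next rule in the column.
        return self.default_response, None


# Constructed rules and client states; names and fields are assumptions.
RTS_OFF = Rule("rts-off", lambda c: not c["realtime_scan"], "Checkup")
VIRUS = Rule("virus-found", lambda c: c["virus_detected"], "Infected")

infected_rts_off = {"realtime_scan": False, "virus_detected": True}
clean = {"realtime_scan": True, "virus_detected": False}

broad_first = Policy([RTS_OFF, VIRUS], default_response="Unknown")
severe_first = Policy([VIRUS, RTS_OFF], default_response="Unknown")

if __name__ == "__main__":
    for label, policy in (("broad first", broad_first), ("severe first", severe_first)):
        print(label, policy.evaluate(infected_rts_off), policy.evaluate(clean))
```

With the broader rule first, the client that matches both rules receives Checkup and the Infected rule is never reached, so rules with the most severe responses belong higher in the Rules in use column.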