Auditor Help: Defining a Policy

Note! Note: Ecora Executive Dashboard is available only with the Auditor Professional version of the Ecora software, NOT available in Auditor Basic and Auditor Lite, and is a separate download. If you are interested in the Auditor Professional edition, please contact a sales representative.

Before you can compare systems in the environment against policies, you need to choose a policy provided by Ecora, create a new policy to define your standards, or import a policy (from another Auditor installation). Ecora engineers created a basic collection of policies to help you get started auditing your environment, but there are endless customizations and permutations you can specify to tailor policies for your risk tolerance, regulatory standards, internal procedures, or upcoming audits. Existing policies, including those provided by Ecora, appear in the left pane under Policies when the Policies tab is selected.

Note! Note: Only systems that are present in Auditor System Management appear in Auditor Professional Executive Dashboard, which is the web-accessible reporting interface for policy compliance. If a system does not appear, verify that at least one data collection has occurred for that system (also necessary to calculate compliance once a policy is applied).

Policy Tab Overview
Policy Group Management
Creating a New Policy
Checking for Compliance

Creating a New Policy

  1. Click on the Policies tab.
  2. Click on the New Policy button. New Policy Button
  3. When prompted to import system configuration, you must decide if you wish to base the policy on a system with a reasonable configuration or create a policy from raw attributes.
    Hints:  One option is to start from an existing system configuration, then edit the policy to remove specifics to that machine or that are not relevant for the policy you are creating. If you choose this approach, it might be worthwhile to review or secure the system first before importing. One possibility is to apply Microsoft's security policies to a system before importing its configuration as the basis for a policy. Note that you should remove all system-specific data from the policy if you import a configuration (system name, IP address... anything that will vary, legitimately, from system to system when the policy is applied). This reduces the non-compliance for irrelevant attributes.
     For information about securing a system prior to import, see
  4. If you chose to import a configuration, click on the Browse... button to locate a system and click OK once you have selected the base system.

     Tip: You can search for a specific string to locate a system or filter the system view with the buttons along the right.
  5. If you wish to import an Attribute List based on an Auditor report definition, click on the browse ... button to and click OK once you have selected a report. This helps focus the policy on an area of interest.
  6. Click Next >.
  7. In the Manage Rules dialog, you can accept the set of rules or add, edit, or remove rules with the buttons on the right.
  8. Click Next >.
  9. In the Manage Scope dialog, you click the add (+) to define the systems to which this policy will apply.
  10. In the Select a Policy Scope Attribute dialog, navigate the tree in the left pane to find and select the attribute you wish to use to determine the systems to which this policy will apply.
     Note: If you are creating cross-platform policies, remember to limit the scope to systems with data for the rule. You can do this at the top-level by applying the policy ONLY to groups/systems for that platform or by creating scopes for those rules so the calculation will ONLY apply if the scope is met.
  11. Click Next >.
  12. In the Select a Policy Scope Criteria dialog, select an operator from the drop-down list, enter a value, and click add (+).
  13. Click Finish.
  14. If you accept the scope, click Next >.
  15. Verify the policy on each tab, then click Finish.

Checking Compliance

  1. Click on the Policies tab.
  2. Select a policy in the left pane.
  3. Right-click and select Apply Policy or click the Apply Policy button.
  4. Select a policy in the left pane. and click on the New Policy Button
  5. Click on the Apply Policy button in the Policy toolbar.
  6. Select the group to which to apply this policy and click OK.
  7. Click the Apply button in the right pane.
  8. On the desktop, double-click on icon to launch the Auditor Professional Executive Dashboard.