Duplicating a shared risk policy in an application
To duplicate a shared risk policy in an application
|
|
NOTE: When duplicated, shared risk policies create non-shared risk policies. After being duplicated, the new non-shared risk policy is only available for the current application and is managed using the Application wizard. |
- On the Applications page, select the application currently using the shared risk policy you want duplicated.
- Click the
button to open the Edit Application dialog.
- In the Policies section, select the shared risk policy to duplicate and click the
button to open the Add Policy dialog populated with the conditions and scores assigned in the original shared risk policy.
- In the Policy Name field, enter a name for the new non-shared risk policy.
- After editing the duplicate risk policy, click the Accept button to return to the Edit Application dialog.
- The duplicated risk policy now appears in the Policies section. Click Save to return to the Applications page.
Deleting a shared risk policy from an application
To delete a shared risk policy from an application
|
|
IMPORTANT: The Security Analytics Engine is not aware of applications’ usage of risk policies. Before deleting a shared risk policy, ensure that the application is not sending requests to evaluate the shared risk policy that is to be deleted. |
|
|
NOTE: Deleting a shared risk policy from an application does NOT delete the shared risk policy from use in all applications. To permanently delete a shared risk policy you must use the Shared Policies page. See To delete a shared risk policy for more information. |
- On the Applications page, select the application currently using the shared risk policy.
- Click the
- In the Policies section, select the shared risk policy to delete and click the
button.
- A dialog is displayed confirming that you want to delete the selected shared risk policy. Click the Delete button.
- The deleted shared risk policy no longer appears listed in the Policies section of the Edit Application dialog, but is still available for use in all applications. Click Save to return to the Applications page.
Application wizard
The Application wizard consists of a series of dialogs displayed when the Add button or the Edit button are clicked on the Applications page. This wizard is used to connect applications to the Security Analytics Engine and manage the risk policies associated with them.
The following table provides a description of the options available in the Application wizard.
Add Application/Edit Application dialogsThese dialogs allow you to add or edit an application. They are accessed by either clicking the | |||
|
Application Name |
Enter a unique name for the application. This is a display name that is only used while managing your application within the Administration web pages. | ||
|
Application Description |
(Optional) Enter a brief description for the application. This description is only used within the Administration web pages. | ||
|
Client API ID |
Enter the client’s API ID. The API ID cannot be a used again for another application. | ||
|
Client API Secret |
Click the | ||
|
Generate New |
Clicking this button generates a new client API secret. | ||
| Policies section - This section of the wizard allows you to add new risk policies and edit existing risk policies. The risk policies currently applied to the application are listed. | |||
|
|
Click this button to open the Add Policy dialog. | ||
|
|
After selecting a risk policy, click this button to open the Edit Policy dialog. This page is identical to the Add Policy dialog except it includes all information previously entered for the selected risk policy.
| ||
|
|
After selecting a shared risk policy, click this button to open the View Policy dialog where you can preview the shared risk policy and simulate risk scores using the
| ||
|
|
After selecting a risk policy, click this button to duplicate the selected risk policy. The Add Policy dialog appears populated with the settings from the original risk policy.
| ||
|
|
The function of this button changes depending on the type of risk policy selected.
| ||
|
|
Click this button to open the Available Shared Policies dialog. | ||
| Policies list - Displays a list of all the risk policies associated with the current application. For each application listed, the following details are provided: | |||
|
Policy Name |
The name assigned to the risk policy on the Add/Edit Policy dialog. | ||
|
Description |
The optional description of the risk policy from the Add/Edit Policy dialog. | ||
|
Shared |
Check marks in this column indicate that this is a shared risk policy. | ||
|
Alertable |
Check marks in this column indicate that alerting is enabled for the risk policy. All risk policies with alerting enabled that appear in the Policies section will generate alerts. | ||
| The following buttons appear across the bottom of the Application wizard. | |||
|
Save |
Click this button to save the application. | ||
|
Close |
Click this button to close the dialog. If changes were made to the application, a warning appears allowing you to select whether to save the changes before closing the dialog. | ||
Add Policy/Edit Policy dialogsThese dialogs allow you to add or edit a risk policy. They are accessed by either clicking the | |||
|
Policy Name |
Enter a unique name for the risk policy. | ||
|
Description |
(Optional) Enter a brief description for the risk policy. | ||
|
Disable Policy Override |
Select this check box to disable overrides for this risk policy. | ||
|
How does this work? |
Click this link to open the Using the Policy Editor dialog which provides a brief overview of how to use the Policy Editor. Click Close to close the dialog. | ||
|
|
Click this button to open the Select conditions to monitor dialog. | ||
|
|
Click this button to preview the risk policy. Once preview mode is active, select any of the check boxes to the left of a condition or modifier name to preview the risk score that would occur should the selected items be triggered during an access attempt. The Risk Score field displays the risk score that would occur if all the selected conditions and modifiers were triggered. Click the | ||
|
Accept |
Click this button to approve the risk policy. The risk policy will not be saved until the Save button is clicked on the Add/Edit Application page. | ||
|
Close |
Click this button to close the dialog. If changes were made to the risk policy, a warning appears allowing you to select whether to save the changes before closing the dialog. | ||
|
Alerting section - This section of the wizard allows you to configure alerting for the risk policy. Click the Alerting heading on the left-hand side of the dialog to display the available settings.
| |||
|
Notify Admin |
Select the check box to begin sending email alerts and in the field enter the email address of the person that will be receiving the alerts. | ||
|
Notify User |
Select the check box to send an email alert to the user attempting access when they exceed a certain score. | ||
|
|
If Notify User is selected, click this button to open the Customize User Alert Email dialog which is used for customizing the subject and descriptive body text of the alert email sent to the user. Once edits are made, click Accept to close the dialog. | ||
|
Alert When |
Select one of the following options:
| ||
|
Scores <nn> Or More |
In this field enter the minimum risk score (1 to 100) a user must receive in order for an alert to be sent. | ||
| The following appear based on the selections made on the Select conditions to monitor dialog. For each category, a slider bar appears for each of the conditions and moves from left to right to increase the condition score in increments of 10 between 0%-100%. A condition set to 0% will not affect the risk score when triggered and a condition set to 100% will cause the highest possible risk score when triggered. | |||
|
Application |
Beneath this collapsible heading are the selected conditions within the Application category. | ||
|
Behavior |
Beneath this collapsible heading are the selected conditions within the Behavior category. | ||
|
Location |
Beneath this collapsible heading are the selected conditions within the Location category. | ||
|
Network |
Beneath this collapsible heading are the selected conditions within the Network category. | ||
|
User |
Beneath this collapsible heading are the selected conditions within the User category. | ||
|
|
This button appears to the left of each condition name and when clicked displays the modifiers currently assigned to the condition. If no modifiers are currently selected for the condition, this button is grayed out. | ||
|
|
This button appears to the left of each condition name and when clicked opens the Select condition modifiers dialog. Click OK to close the dialog once selections are made. | ||
|
|
This button appears to the left of each modifier name and when clicked removes the modifier from the condition. | ||
| The following sliders appear for each modifier selected on the Select condition modifiers dialog, depending on how it was configured on the Conditions page (Can increase risk, Can decrease risk, or Can both increase or decrease risk): | |||
|
|
The Can increase risk slider moves in increments of 10 between 100%-200%. A modifier set to 100% will not affect the condition when triggered and a modifier set between 110%-200% increases the condition score. | ||
|
|
The Can decrease risk slider moves in increments of 10 between 0%-100%. A modifier set to 100% will not affect the condition when triggered and a modifier set to between 10%-90% decreases the condition score. A modifier set to 0% cancels out the condition score. | ||
|
|
The Can both increase or decrease risk slider moves in increments of 10 between 0%-200%. A modifier set to 0% cancels out the condition score, a modifier set to between 10%-90% decreases the condition score, a modifier set to 100% will not affect the condition when triggered, and a modifier set between 110%-200% increases the condition score. | ||
Select conditions to monitor/Select condition modifiers dialogThese dialogs allow you to add or edit the conditions/modifiers selected for the risk policy. They are accessed by either clicking the | |||
|
Name |
This column displays the names of all available conditions/modifiers. Select the check box for a condition/modifier to use it within the risk policy. | ||
|
Type |
This column displays the type of condition/modifier. | ||
|
Close |
Click this button to close the dialog if no changes have been made. This button is replaced by the OK button if changes have been made. | ||
|
OK |
Click this button to save changes and return to the Add Policy/Edit Policy dialog. This button replaces the Close button if changes have been made. | ||
Available Shared Policies dialogOpened when the | |||
|
Accept |
Click this button to approve your selection and close the dialog. | ||
|
Close |
Click this button to close the dialog. | ||
button to open the Add Application dialog, or selecting a previously created application and clicking the 
button in this field to display the text of the API secret.
button to close preview mode.
