Chat now with support
Chat with Support

Security Analytics Engine 1.1 - User Guide

Security Analytics Engine Overview Plugins Conditions Shared Policies Applications Auditing Issued Alerts Policy Overrides Fallback Password Security Settings Glossary

Shared risk policies

A risk policy that an application selects to use for evaluation will most likely be similar to the risk policy used in the Sample Application provided by default with the Security Analytics Engine (for more information, see Sample Application). It consists of all the conditions that you want checked during an access attempt and those conditions will operate together to create a single risk score which the application will then use to determine whether to allow an access attempt, request additional authentication information from the user, or deny access. Alerts can be configured for the risk policy providing the evaluation in which case they will issue an alert when the generated risk score exceeds the configured threshold.

Shared Policies page

The Shared Policies page is displayed when Shared Policies is clicked on the Home page of the Security Analytics Engine Administration web site. From this page you can launch the Shared Policy wizard to add new or edit existing shared risk policies.

Adding and managing shared risk policies

Adding a new shared risk policy

2
In the Policy Name field, enter a unique display name for the shared risk policy. This name is only used within the Administration web pages.
3
(Optional) In the Description field, enter a brief description of the shared risk policy. This description is only used within the Administration web pages.
4
(Optional) Select the Disable Policy Override check box to disable overrides for this shared risk policy. This setting applies to all applications that use the shared risk policy.
Notify Admin - Select the check box to begin sending email alerts and in the field enter the email address of the person that will be receiving the alerts.
Notify User - Select the check box to send an email alert to the user attempting access when they exceed a certain score.
Alert When - Select one of the following options:
Scores <nn> Or More - In this field enter the minimum risk score (1-100) a user must receive in order for an alert to be sent.
8
Repeat Step 7 until you have selected all the conditions to apply to the risk policy.
9
Click the OK button to close the dialog.
Click OK to close the dialog.
13
Once each condition and modifier has been assigned a percentage, click Save to save the shared risk policy and return to the Shared Policies page.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating