Create and manage policies

Graphic showing how rules roll up into policies, and policies roll up into policy reports.

A policy is a collection of one or more rules used to ensure policy compliance. For example, you could create a password policy that includes all of your organization's password rules. Each policy also identifies which nodes and config types will be checked for compliance to the associated rules.

You can include the same rule in multiple policies.

To learn how rules, policies, and policy reports work together, see Policy compliance.

Create a policy

  1. Click My Dashboards > Network Configuration > Compliance.
  2. Click Manage Policy Reports.
  3. Click the Manage Policies tab, and click Add New Policy.
  4. Name the policy, and enter a description.
  5. Select an existing folder to store the policy in, or select New folder and enter a folder name.
  6. Select the nodes that must comply to this policy.

    • Select only nodes that you want to report on.
    • You can use custom properties to identify specific nodes.
    • Policy reports cannot be run against configurations that are downloaded in XML format (for example, configurations from Palo Alto devices).
  7. Select the type of config to search for policy violations.

    The config type "Favorite" identifies configs that were used as baselines in NCM 7.8 or earlier.

  8. Under All Policy Rules, select the rules to include and click Add. If the rule you need is not listed, you can create a rule.
  9. Click Submit.

Edit a policy

  1. Click My Dashboards > Network Configuration > Compliance.
  2. Click Manage Policy Reports.
  3. Click the Manage Policies tab.
  4. Select a policy, and click Edit.
  5. Edit values, and click Submit.

Delete a policy

  1. Click My Dashboards > Network Configuration > Compliance.
  2. Click Manage Policy Reports.
  3. Click the Manage Policies tab.
  4. Select a policy, and click Delete.
  5. Click Yes.

Learn more

After you create your policies, you can create a policy report.