csa - policy

followurself · ‎09-11-2008

can someone help please

1) all remote users who use laptop should not use any internet service without connecting to VPN ( ftp,http, https, downloads of any file, p2p)ftp should not be allowed even from command prompt

2) no user even in administrator group should be able to disable the csa service but only the local administrator.

3) users should only connect to allowed wireless networks

4)nobody should be able to use any removable media. can they be restricted to a certain zip drives?

all these users are currently running in test mode. i would like the above modules and the default modules for unknow virus, malware and rootkit to run in protected mode.

Thanks

smahbub · ‎09-17-2008

when you configure a policy, you are combining multiple rule modules under a common name. That policy name is then attached to a group of hosts and the group uses the rules that comprise the policy to control the actions that are allowed and denied on those hosts. You can have several different types of rules in a rule module and consequently within one policy. The policy level is the common ground by which host groups acquire the rules that make up their security policy. You can attach rule modules of differing architectures to the same policy. This way, you can configure task-specific, self-contained, inclusive policies across all supported architectures (Windows, Solaris, Linux) for software that is supported on all platforms.