Create and Execute an Enforcement Set
  • 2 minutes to read
  • Print
  • Share
  • Dark
    Light

Create and Execute an Enforcement Set

  • Print
  • Share
  • Dark
    Light

You can take action on the identified security gaps by defining Enforcement Sets in the Axonius Enforcement Center.

The Axonius Enforcement Center allows customers to actively and automatically enforce their security policies by creating configurable Enforcement Sets. Enforcement Sets execute a saved query and then automatically take action based on the query results to bridge, mitigate, notify, or create incidents on the identified gaps.
image.png

Fore more details, see Enforcement Center Overview.

To Achieve this Milestone

Go to the Enforcement Center page to create and execute a new Enforcement Set.

Creating a New Enforcement Set

The Enforcement Set Configuration page lets you configure new enforcement sets and view and edit existing enforcement sets.

Enforcement Sets execute a saved query (which can represent a security policy) and then automatically take an action on the query results (potential policy gaps) to bridge, mitigate, notify or create incidents on the identified gaps.

To create a new Enforcement Set:

  1. Click image.png icon on the left navigation panel. The Enforcement Center page opens.
     EC.PNG

  2. Click Add Enforcement. The Enforcement Set page opens.
    image.png

  3. Specify a unique name for the Enforcement Set.

  4. Define the main enforcement action, and additional optional actions to be performed after execution of the main action.
    Axonius offers a vast list of actions categorized under several categories. To configure an action, click a category to view its actions, and then click the desired action. The Action Library page then is replaced by the selected action configuration page.

    For more details, see Action Library.

  5. You can also execute Enforcement sets on a saved query or for specific devices or users. Trigger configuration is mandatory if you want to use a saved query. Otherwise, if you want to execute the enforcement set on specific devices or users, Trigger is optional.
    image.png

    For more details, see Configuring Triggers.

  6. To save and execute the enforcement set, click Save & Run. To save the configuration, click Save & Exit.



Fore more details on configuring new, view, edit, and delete enforcement sets, see:

Configuring an Email Server

For some of the enforcement actions, you must configure an email server. For example, the Send Email action, that sends an email with the query results to a predefined list of recipients.

To configure an email server, open the Global Settings, enable Send Emails setting and configure the email host and port. For more details, see Global Settings - Email Settings.
image.png

Viewing Enforcement Task Summary

The Enforcement Task Summary page displays the results for the Enforcement Set actions.
To view an Enforcement Task Summary:

  1. Click image.png icon on the left navigation panel. The Enforcement Center page opens.
     EC.PNG

  2. Click View Tasks. The Enforcement Tasks page opens.
    image.png

  3. Click a specific Enforcement Task.
    The page displays the enforcement task information summary and the list of actions performed on saved query results or on the user selected entities.
    image.png

  4. To view the results of each action, click it. The right pane displays the action name, configuration summary and the number of entities for which the action has been succeeded or failed.
    For details, see Viewing and Analyzing Enforcement Task Action Results.

Was this article helpful?