Create and Execute an Enforcement Set

You can take action on the identified security gaps by defining Enforcement Sets in the Axonius Security Policy Enforcement Center.

The Axonius Security Policy Enforcement Center allows customers to actively and automatically enforce their security policies by creating configurable Enforcement Sets. An Enforcement Set executes a saved query and then automatically takes an action on the query results (policy gaps) to bridge, mitigate, notify, or create incidents on the identified gaps.
For more details, see Enforcement Center Overview.

To Achieve this Milestone

Go to the Enforcement Center screen to create and execute a new Enforcement Set.

Creating a New Enforcement Set

The Enforcement Set Configuration Screen lets customers configure new enforcement sets and view and edit existing enforcement sets.

Enforcement Sets execute a saved query (which can represent a security policy) and then automatically take an action on the query results (policy gaps) to bridge, mitigate, notify or create incidents on the identified gaps.

To create a new Enforcement Set:

  1. Click the Enforcement Center icon on the left navigation panel. The Enforcement Center screen opens.

  2. Click New Enforcement. The Enforcement Set screen opens.

  3. Specify a unique name for the Enforcement Set.

  4. Define the main enforcement action, and additional optional actions to be performed after execution of the main action.
    Axonius offers a large library of actions, grouped into several categories. To configure an action, click a category to view its actions, and then click the desired action. The Action Library screen is then replaced by the configuration screen for the selected action.

    For more details, see Action Library.

  5. You can execute Enforcement Sets on a saved query or on specific devices or users. Trigger configuration is mandatory if you want to use a saved query. If you want to execute the Enforcement Set on specific devices or users, the Trigger is optional.

    For more details, see Configuring Triggers.

  6. To save and execute the Enforcement Set, click Save & Run. To save the configuration without running it, click Save & Exit.


For more details on configuring new Enforcement Sets and on viewing, editing, and removing existing ones, see:

Configuring an Email Server

Some enforcement actions require a configured email server. One example is the Send Email action, which sends an email with the query results to a predefined list of recipients.

To configure an email server, open the Global Settings, enable the Send Emails setting, and configure the email host and port. For more details, see Global Settings - Email Settings.

Viewing Enforcement Task Summary

The Enforcement Task Summary Screen displays the results for the Enforcement Set actions.
To view an Enforcement Task Summary:

  1. Click the Enforcement Center icon on the left navigation panel. The Enforcement Center screen opens.

  2. Click View Tasks. The Enforcement Tasks screen opens.

  3. Click a specific Enforcement Task.
    The screen displays the enforcement task information summary and the list of actions performed on the saved query results or on the user-selected entities.

  4. To view the results of an action, click it. The right pane displays the action name, the configuration summary, and the number of entities for which the action succeeded or failed.
    For details, see Viewing and Analyzing Enforcement Task Action Results.
