BeyondTrust BeyondInsight - Send Block Policy to SCP
  • 22 Jul 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

BeyondTrust BeyondInsight - Send Block Policy to SCP

  • Dark
    Light
  • PDF

Article summary

BeyondTrust BeyondInsight - Send Block Policy to SCP sends a block policy, in XML format, for the software that results from the saved query supplied as a trigger (or assets that were selected in the asset table), and sends it to a specific path on an SSH server using SCP.

See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.

Note:

General Settings

  • Action name - The name of this Enforcement Action. The system sets a default name. You can change the name.
  • Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.

Required Fields

These fields must be configured to run the Enforcement Set.

  • Hostname - DNS Address or IP of the SSH server.
  • User name - The SSH user name to connect with.
  • SSH port (default: 22) - The SSH port.
  • XML target path (default: /home/policy.xml) - Specify the full path on the SSH server, including the file name.
  • Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.

Additional Fields

These fields are optional:

NOTE

For authentication, you must specify at least Password or Private key, but you can also specify both.

  • Password - A password for the SSH user, if it exists. If specified, the password is used for authentication.

  • Private key - To use a private key for the SSH user, select a file and click Upload File.

  • Private key passphrase - Specify a private key passphrase if the private key is protected by a passphrase.

  • The following fields are section names in the XML that is created by the Enforcement Action. Enter a value for the relevant fields.

    • Configuration ID
    • Configuration Version
    • Configuration Revision
    • Configuration Revision Number
    • GlobalOptionsSet ID
    • Trusted Application Protection Version
    • Trusted Application Protection Revision
    • Application Group ID
    • Application Group Name
    • Application Type (default: exe)

    An XML tag is created for each installed application.

  • Get installed software from CSV adapter only -

    • When this option is enabled (the default), the XML file only includes software titles that are from the CSV adapter connection.
    • When this option is disabled, the XML file includes software titles from the specified adapter connections.
  • Gateway Name - Select the Gateway through which to connect to perform the action.


For more details about other Enforcement Actions available, see Action Library.


Was this article helpful?