- 22 Jul 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
BeyondTrust BeyondInsight - Send Block Policy to SCP
- Updated on 22 Jul 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
BeyondTrust BeyondInsight - Send Block Policy to SCP sends a block policy, in XML format, for the software that results from the saved query supplied as a trigger (or assets that were selected in the asset table), and sends it to a specific path on an SSH server using SCP.
See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.
General Settings
- Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonius. You can change the name according to your needs.
- Add description - Add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
- Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
- A query only returns results for the asset type it was created for.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs, Adapters Fetch History, and Asset Investigation modules.
- See Actions supported for Vulnerabilities.
- See Actions supported for Software.
- Action name (required) - The name of the Main action. A default value is added by Axonius. You can change the name according to your needs.
- Configure Dynamic Values - Toggle on to enter a Dynamic Value statement. See Creating Enforcement Action Dynamic Value Statements to learn more about Dynamic Value statement syntax.
Required Fields
These fields must be configured to run the Enforcement Set.
- Hostname - DNS Address or IP of the SSH server.
- User name - The SSH user name to connect with.
- SSH port (default: 22) - The SSH port.
- XML target path (default: /home/policy.xml) - Specify the full path on the SSH server, including the file name.
Compute Node - The Axonius node to use when connecting to the specified host. For more details, see Connecting Additional Axonius Nodes.
Additional Fields
These fields are optional:
For authentication, you must specify at least Password or Private key, but you can also specify both.
Password - A password for the SSH user, if it exists. If specified, the password is used for authentication.
Private key - To use a private key for the SSH user, select a file and click Upload File.
Private key passphrase - Specify a private key passphrase if the private key is protected by a passphrase.
The following fields are section names in the XML that is created by the Enforcement Action. Enter a value for the relevant fields.
- Configuration ID
- Configuration Version
- Configuration Revision
- Configuration Revision Number
- GlobalOptionsSet ID
- Trusted Application Protection Version
- Trusted Application Protection Revision
- Application Group ID
- Application Group Name
- Application Type (default: exe)
An XML tag is created for each installed application.
Get installed software from CSV adapter only -
- When this option is enabled (the default), the XML file only includes software titles that are from the CSV adapter connection.
- When this option is disabled, the XML file includes software titles from the specified adapter connections.
Gateway Name - Select the gateway through which to connect to perform the action.
For more details about other Enforcement Actions available, see Action Library.