Submit a ticketCall us

WebinarWebinar: A checklist for planning your Network Performance Monitor (NPM) upgrade

Are you ready for your next upgrade? To help you plan smoothly, join this webcast to learn more about, SolarWinds® Orion® Installer, SolarWinds Upgrade Advisor, Upgrades Guides, Training Videos, and other resources available. We’ll share key upgrade planning considerations, lessons learned from customers with practical advice from SolarWinds Product Experts. We’ll also give practical tips to identify the estimated time needed and resources, how to prepare the business and IT staff for changes, ways to plan for required system changes, and more.

Register now.

Home > Success Center > Network Configuration Manager (NCM) > NCM Documentation > NCM 7.9 Administrator Guide > Ensure compliance to policy rules

Ensure compliance to policy rules

Created by Caroline Juszczak, last modified by Melanie Boyd on Jun 03, 2018

Views: 1,182 Votes: 0 Revisions: 6

Updated: May 31, 2018

Use policy reports to verify that device configurations comply with internal policies and external regulations. Each policy report enforces one or more rules. When the policy report runs, SolarWinds NCM scans the specified configuration files and reports any rule violations. Policy reports can also include remediation scripts to bring the configuration file into compliance.

SolarWinds provides a set of example policy reports that you can modify to meet your needs. You can also create custom policy reports.

Policy reports cannot be run against configurations that are downloaded in XML format.

How rules, policies, and policy reports work together

Each policy report includes one or more policies, and each policy includes one or more rules.

rules_policies_reports.png

  • A rule defines a condition that must or must not exist. Rules can also contain remediation scripts to be run if the rule is violated.

    For example, a rule could specify that devices must have banners that include copyright information. And the rule could contain a script to add the copyright information if it is missing.

  • A policy groups related rules, and specifies which nodes and config types the rules apply to.

  • A policy report groups related policies. When the report runs, it scans the configs specified in the policies and reports any rule violations.

Common uses for policy reports

Regulatory compliance

Use policy reports to ensure that you are in compliance with federal regulations and other industry standards, including:

  • Sarbanes-Oxley Act (SOX)
  • Health Insurance Portability and Accountability (HIPAA)
  • Computer Inventory of Survey Plans (CISP)
  • Payment Card Industry (PCI) data security policies
  • Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG)

Compliance with internal standards and policies

Standardization is a vital part of keeping the network running smoothly. Use policy reports to locate device configurations that do not comply with your organization's standards or policies. For example:

  • Enforce interface naming guidelines.
  • Enforce Quality of Service (QoS) traffic shaping policies.
  • Verify that the correct banner is present.
  • Change the copyright date when the year changes.

Security

To proactively protect against hackers, malware, and other security threats, use policy reports to ensure that network device configurations comply with your organization's security policies. For example:

  • Ensure that the default password has been reset on all devices.
  • For SNMP-enabled devices, verify that the default public community string is not present.
  • Enforce standards for password length.
  • Search access control lists (ACLs) for rules that must or must not be present.

Tasks to create and run a policy report

To create custom policy reports, complete the following tasks:

  1. Create the rules that the policy report will enforce.
  2. Create policies to group related rules and to define which device configs will be checked for compliance.
  3. Create the policy report to group related policies.

You can then run the policy report to find and remediate policy violations. You can also share policy reports between Orion servers or with other SolarWinds users.

 

Last modified

Tags

Classifications

Public