Configuring rules

Rules are used to provision, update, and audit/enforce a configuration standard (for example, security policies, interface policies, class of service policies). To help you get started, BMC Network Automation is delivered with a set of predefined security rule sets based on device type. Predefined rule sets are available for the following standards and policies:

  • Center for Internet Security (CIS)
  • National Security Agency (NSA)
  • Defense Information Systems Agency (DISA)

Rules can be used to provision, update, and audit any configuration attribute specified in a configuration file. The sample rule sets are automatically imported for new installations. Customize these rules and create new rules based on the change projects.

If you are upgrading BMC Network Automation, the sample rules are not imported but are available in the BMC Network Automation application server installation directory (for example, BCAN_HOME\public\bmc\bca-networks\rules). At any time, you can import the sample rules by using the Rule Import task.

Related topic

Managing-rules

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*