Security Lockdown Policy

A discussion of fields and settings specific to a Security Lockdown policy follows.

Security Lockdown Policy Page

General Tab

Name: Use this field to specify a name for the Security Lockdown policy.

Policy Enabled: Once the access permissions to the specified target path are the permissions you want enforced, select this check box to enable the policy. Otherwise, come back and select the check box after you have updated the access permissions to the target path.

Target Path: Indicates the folder or share that will be analyzed for access permission changes.

Notification and Report Options: This region includes the settings specific to who is notified, what is reported, and how long the report information remains accessible.

Email Recipients: Specify the email addresses of each user you want notified when access permissions to the selected folder are changed (and subsequently reverted back through the Lockdown policy). Email addresses can be separated by a comma, semicolon, or a space.

Include Security Events: When this check box is selected, all specified recipients listed in the Email Recipients field will also receive security notifications according to the options selected in the Security Change Events region. Deselecting this option limits the notifications to only changes in access permissions to the target path (and subsequently reverted via the Lockdown policy).

Security Change Events: This region displays options for notifications. For example, if the Group Membership check box were selected, data owners would be notified whenever there was a change to a group that has access to the target path.

Data Cleanup: Options for specifying how long you want scan job information to remain in the database.

Retain Notification Data for: Lets you specify how long the Security Lockdown data will remain in the database.

Retain Job Entries for: Lets you specify how long you want scan job information to remain in the database. If you do not select the check box, the scan job stays in the database indefinitely.

Data Owners: This region lets you specify the data owners for the target path.

Can Enable Policy: Select this option if you want the selected data owner to be able to enable the Lockdown policy

Description Tab

The Description box indicates when the policy was created. It also lets you write notes pertaining to the policy. The Description box allows up to 255 characters.

Schedule Tab

Displays the schedule for the Security Lockdown policy.

Data Tab

This page displays the properties of the CouchDB database.