Download assigned and recommended policies for Workload groups
Download the Policies you assigned or enforced on a Workload group and the Policies that Xshield recommended for the Workload group as a CSV file. All Policies assigned or recommended between a Workload group and Domain group(s)/Endpoint group(s)/Network group(s) are listed in the CSV file.
Downloading Policies as a CSV file can help you analyze the Policies using the features available with Microsoft Excel or other similar tools. This can help Network and Security teams determine the nature of traffic between the groups/assets and decide what Policies must be enforced and what Policies can be removed.
By design, Xshield contains generic system-generated Access parameters (for example, ftp tcp:21) and App-specific system-generated Access parameters used by SAP applications (for example, SAP NetWeaver Services-IPC server udp:9999).
Policy recommendations are generated based on the combination of protocols and ports. So, if Xshield sees traffic for a combination of protocol and port that is common for a generic and an App-specific parameter, it lists both generic and App-specific Policy recommendations. You must apply the required Policy recommendation carefully.
|
|
The CSV file provides the following details of the policies:
-
Source and destination names of the groups and the roles of the assets (that sent and received traffic) in the group
-
Direction of the traffic - inbound or outbound
-
Whether the policy is assigned/enforced or only recommended
-
Protocol, port, and service involved in the policy/traffic flow
-
Number of connections and data throughput of the traffic flow
Next steps
-
Apply policy recommendations
-
Enforce policies on Workload groups