Configuring the vShield Data Security policies
Configuring the vShield Data Security policies requires some knowledge of current regulations that are applicable to the organization. The governance or compliance group within the organization should be able to provide guidance on which regulatory policies are required. Configuring an incorrect policy will likely cause false positives and confusion as to the secure state of the virtual machines being scanned.
Permissions are often given to the internal audit group to view policy and violation reports. For example, the auditing Active Directory group can be added to the vShield role of Auditor to accomplish this task.
The vShield Data Security policies consist of three components:
- Regulations and standards to detect: These predefined content blades are available for standard regulations, including PCI. Custom detection strings can also be used for detection.
- Areas to exclude: These components can be excluded from detection by the datacenter, cluster...
