Designing Compliance Policies

Available Languages

Download Options

  • PDF     (72.2 KB)
    View with Adobe Reader on a variety of devices
Updated:June 14, 2012

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Designing Compliance Policies

Table Of Contents

Designing Compliance Policies

Creating Policy Groups

Creating Policy Profiles

Running Compliance Checks

Fixing Compliance Violations


Designing Compliance Policies

Prime Infrastructure can help ensure that your network configuration adheres to regulatory policies and will help address any violations that it detects. You create a compliance policy, and then deploy the policy on devices to determine if any devices are violating the policy and fix the violation.

comply with federal regulations, as well as your organization's internal standards. Reporting on regulation-specific reports for compliance with SOX, GLBA, PCI - Visa CISP, COBIT, ITIL, HIPPA, and Committee of Sponsoring Organizations of the Treadway Commission (COSO)

Create a policy group which associates a set of policies to a group.

Create a compliance policy profile to associate devices to policy groups.

Run the compliance check and fix any compliance violations.

Creating Policy Groups

A policy group is a collection of rules, or policies. Prime Infrastructure provides default policy groups, which can be modified, or you can create policy groups based on your organization's requirements.

Are there any prerequisites or any planning steps users should perform before creating a policy group?

Step 1 Select Design > Compliance Policy Groups.

Step 2 From the Policy Group Selector, select Add Policy Group.

Step 3 Complete the Basic Group Information fields.

Step 4 Under Policies and Rules, click Add, select the policies you want to include in this policy group, then click Select.

Step 5 Click on a policy name, then specify the rules for each of the policies.

Step 6 Click Save.

Creating Policy Profiles

You create a policy profile in order to apply a policy group to a device or set of devices. After you create a policy profile, you can run a report to view a list of all the devices that do not comply with the specified profile.

Step 1 Select Deploy > Compliance Tasks.

Step 2 From the Policy Profile Selector, select Add Policy Profile.

Step 3 Complete the Basic Profile Information fields.

Step 4 Under Policy Group Selection and Device Mapping, click Add, select the policy group you want to include in this policy profile, then click Select.

Step 5 Click Save.

Running Compliance Checks

This section belongs in the "Deploying the Network" section. Will move.

You can generate reports to determine if your devices are in compliance or if there are any compliance violations. Prime Infrastructure provides templates to generate compliance and audit reports such as ...

You can import policy information from Cisco.com, even in offline mode.

Step 1 Select Deploy > Compliance Tasks.

Step 2 Find the policy for which you want to audit compliance, then click Check Compliance. You can specify the run the compliance check immediately, or schedule it to run at a future date and time you specify. You can also specify if and how often the compliance check should recur.

Step 3 After the compliance check completes, select Deploy > Compliance Tasks, then click Check Compliance to run the compliance check.

If there are compliance violations, see Fixing Compliance Violations for information about fixing the violations.

Fixing Compliance Violations

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products