Creating an Agent Registration Policy
Agent registration policies let you automate the agent registration process. An agent registration policy is a set of rules that determine how the incoming registration requests are processed. In the registration request content, Symantec Management Agent sends its host name, MAC address, IP address, FQDN, and logged on user data. The agent registration policy uses the registration request data and the rules that you define within the policy to decide if the request is allowed or blocked.
The default agent registration policy automatically allows all agents to communicate with Notification Server. You can modify the default policy or create custom policies to restrict the agents that can communicate with Notification Server. If no active policies are available, the status of each incoming registration request is set to pending.
You can view the registration requests in the
Agent Registration Status
report. You can access this report in the Symantec Management Console, under Reports > Notification Server Management > Registration
.This task is an optional step in the following processes:
- Installing the Symantec Management Agent on Windows computers.
- Installing the Symantec Management Agent manually on UNIX, Linux, and Mac computers.
- To create an agent registration policy
- In the Symantec Management Console, on theSettingsmenu, clickAll Settings.
- In the left pane, underSettings, expandAgents/Plug-ins > Symantec Management Agent > Settings.
- Right-clickRegistration Policies, and then clickNew > Registration Policy.
- In the right pane, specify the settings of the agent registration policy as follows:RulesLets you define different types of masks for agent identification using the request data. For example, you can define a host name mask, an IP address mask, and a logged on user name mask.A single policy can contain unlimited number of masks of any type. During the mask matching process, Notification Server treats different mask types as logical AND operation and similar mask types as logical OR operation.For example, a policy with the following masks allows registration of all agents that have the name that matches mask "*test" and their IP address is either 10.31.12.1, 10.31.12.2, or any from 255 IP addresses from the 10.31.15.0 subnet:
- Host = *test
- IP=10.31.12.1
- IP=10.31.12.2
- IP=10.31.15.0/24
Asterisk is accepted for all rules except forIP address. If you want to specify an IP range in a rule, you must define it with the subnet mask. For example, instead of typing10.31.15.*, you enter10.31.15.0/24.ActionsLets you define the rule for complied agent processing with the following options:- AllowThe agents are automatically registered and you do not need to accept them manually.
- BlockRequests from these agents are declined.
Note that if two policies are applicable to a registration request, and one of them allows registration and the other blocks it, the blocking policy is applied to the request. - Turn on the policy.At the upper right of the page, click the colored circle, and then clickOn.
- ClickSave changes.