Policy creation overview
Compliance policies are used for validating the device configuration and its state. Compliance Policies are accessible from main menu as below:
Compliance -> Polcies
There are 4 steps in creating a policy.
Step 1: Name the policy
Step 2: Add the node group
Step 3: Create the rule
Step 4: Define the condition
In this example, we will be creating the policy to evaluate the login banner configuration.
campus01-b02-access01 and campus01-b02-access02 are the two reference devices which we are using for this example. One has banner configuration and other does not.
Below command output from the device gives us the information.
campus01-b02-access01# 
campus01-b02-access02#
Steps to create the policy:
Below are the steps to create new policy.
Step 1: Name the policy
(1) New -> (2) Name: Login Banner -> (3Save
Step 2: Add Nodes
Click on the Node Group to select the relevant group of devices to add. In this case "Cisco_IOS" which applies this policy to all Cisco IOS Nodes
(1) New -> (2) Name: Cisco_IOS -> (3) Save
Step 3: Create Rule
(1) New -> (2) Name: Banner check -> (3) Rule type: Configuration -> (4) Vendor: Cisco_IOS -> (5) Save
Step 4: Define the condition
(1) New -> (2) Must contain: banner login -> (3) select Lines contain regular expression (This option overcomes if addtional spaces or characters are there) -> (4) Save
This completed the policy creation for banner config validation.
To test the results of the policy, refer to the How to test Compliance Policy
To get the reports of the policy, refer to the How to Create Compliance Reports
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article