Customizing built-in rule sets
Some built-in rule sets must be adapted to your environment before they can be used.
This is especially the case for the five II 901 rule sets. These rule sets are based on the ANSSI's French directive, drafted with the purpose of protecting sensitive information systems, These are templates that you can customize, to help you create security policies that apply the recommendations of the Interministerial instruction no. 901 in practice.
Since built-in rule sets are read-only, you must duplicate them in order to customize them, then add them to your policies.
To duplicate a built-in rule set:
- Select the Security > Policies menu.
- Click on View shared rule sets at the top right side of the panel.
- On the line of the rule set to duplicate, click on the icon, then Duplicate. The duplicated rule set appears at the bottom of the list of rule sets with a number between brackets.
- Double-click on the duplicated rule set, then click on Edit.
- Rename the rule set then adapt the rules and IDs to your environment.
- Add the rule set to your policies by following the procedure explained in the section Creating a security policy.