compliance checks on device

NA 2022.11

We had imported policies from market place into NA server.

We had only Cisco devices and is there any way we can identify which policy can be applied on specific device.

  • Verified Answer

    0  

    If you've imported in the polices, they should contain details in the name that should assist in determining what device models / families they can be applied to.   

    For example:

    I'd say most of the policies you import will use out of the box diags / data that should be collected by default.  Now, if you don't run a diagnostic that the policy is looking for data from, then you'd need to run that task so the policy rule wll have data to look at.  

    Option #2 - you can edit the policy files that you imported and then look for lines such as:

    DeviceFamily

    Also, in there you can see what the rule is looking for / at (is it config text or a diagnostic).  

    Option #3 - Take a look at the PDF available:

    https://www.microfocus.com/marketplace/api/download/492936?file_only=true

    Option #4 - you do a quick review of the policies, and you can apply them to Inventory.  Say if you are working with a Policy that is for Cisco ASA devices and you only have Firepower devices, this policy will be skipped.  

    Once compliance check is done, you can report on the outcome and then refine what policies are continued to be used and what should be disabled and / or see what additional tasks may need to be run.  

    Hopefully this helps.

    -Chris