A practical session on reusing your templates to benefit from the power of Policy Management, we'll compare the previous templates concept to latest Policy Management capabilities and highlight key considerations for migrating these settings. We'll also cover some hints and tips on getting the most from the new version of Policy Management and the new View features to improve your Automation.
6. Good Practice for Policy Management
• What makes a machine‟s
management requirements unique?
– OS?
– SLA?
• Ask yourself:
– Is this something I can apply to all
machines of this „type‟?
7. 4 Items that cover all permutations
Location
Hardware
Role Utility
8. Location
• Any time a setting is specific to a
single location
– Set Credential
– File Source location
9. Hardware
• Any time a setting is specific to the
hardware
– HW Monitor Sets
– HW Event Filters
– HW Agent Procedures
– HW Specific patch policies (not often)
10. Role
• The core purposed of the device,
usual decided by either a core
application or type of W/S user e.g.:
– Exchange
– Oracle
– Quickbooks
– Finance user
– Admin user
– SQL Server
11. Role Settings
• All major settings that haven‟t
already applied to location or
hardware
– Role Specific Patch settings
– Most Agent Settings
– Role specific Agent Procedures
– Role specific monitoring
– All other settings
12. Utility
• Anything that is not Role defining but a
„supportive‟ application that may appear
on multiple machines
– Anti-virus
– Anti-malware
– Backup
• There might be multiple Utility policies that
apply to one machine, so only put very
specific items for that utility
– Monitor Sets
– Agent Procedures
– Alert Filters
13. Policy „Rules‟
• Start with a minimal amount of policies
• Only create a new policy when an existing
one _really_ can‟t be made to fit
• Try and find ways to make a policy flexible
enough to work on multiple machines to
avoid creating too many
– E.g. Agent Procedures that check conditions
before running
• Create a view _before_ you create the
Policy
14. New Site Rollout Process
• First machine
• Push „base‟ agent (KDS?)
• Apply Base policy
• Apply all other policies
15. Not everything is a policy
• Still need 1 template:
– Step 4 „the most important step‟
20. Migrating Templates
• Import your templates into policies
– Create/Select Policy Folder & Import from
template
• But wait...
– Why do you have this template?
– What settings where you copying?
– Where do you use the template?
– Do you have the View already?
• Setting imported for all policy objects!
– Save As is your friend
• For each “applicable” policy object
• Easy Enough?
Reinforce the importance of views and explain/show the relationship between Views and Policies. Best Practice in V1.0 – these views should be ‘static’, i.e. the items are not likely to change.
Limitations on views means for now you may have to run Service or Reg lookups via the base policy and then create a view that uses the procedure