Mapping Assets to Rule Owners

Overview

The App Administrator must map Rule Owners to the network devices (network, IP, or range of IPs) for which they are responsible. After this mapping, the Rule Lifecycle Management App (RLM) can retrieve rules from SecureTrack that need a certification decision and relate to these assets.

Before you start, ensure that all Rule Owners in RLM have a corresponding user ID in SecureChange.
  • Each user must have User name and Email attributes in SecureChange.

  • The Owner field in the RLM mapping template must exactly match the User name field in SecureChange.

See Creating Users.
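
The prerequisites above can be checked before a mapping is uploaded. The following is an added example, not part of the original page or the product's own code: the CSV column names (Owner, Asset), the user record layout and all sample values are assumptions constructed for illustration, and "identical match" is treated as exact string equality.

```python
import csv
import io
import ipaddress

# Constructed sample data. Column names "Owner" and "Asset" and the user
# record layout are assumptions, not the real RLM template or SecureChange API.
SAMPLE_TEMPLATE = """Owner,Asset
alice,10.1.0.0/16
Bob,192.168.5.10
carol,10.2.0.1-10.2.0.50
dave,10.3.0.9-10.3.0.1
erin,172.16.0.0/33
"""
SAMPLE_USERS = [
    {"name": "alice", "email": "alice@example.com"},
    {"name": "bob", "email": "bob@example.com"},
    {"name": "carol", "email": ""},
    {"name": "dave", "email": "dave@example.com"},
]

def asset_error(asset):
    """Return None if asset is a network, an IP or an IP range, else a reason."""
    try:
        if "-" in asset:
            start, end = (ipaddress.ip_address(p.strip()) for p in asset.split("-", 1))
            if start.version != end.version or start > end:
                return "range start must not exceed range end"
        else:
            ipaddress.ip_network(asset, strict=False)
        return None
    except ValueError as exc:
        return str(exc)

def check_mapping(template_text, users):
    """Return a list of (row number, owner, problem) for rows that would not map."""
    by_name = {u["name"]: u for u in users}
    by_folded = {u["name"].casefold(): u["name"] for u in users}
    problems = []
    for row_no, row in enumerate(csv.DictReader(io.StringIO(template_text)), start=2):
        owner, asset = row["Owner"], row["Asset"].strip()
        if owner not in by_name:
            near = by_folded.get(owner.strip().casefold())
            hint = f"not identical to User name {near!r}" if near else "no such User name"
            problems.append((row_no, owner, hint))
        elif not by_name[owner]["email"]:
            problems.append((row_no, owner, "user has no Email attribute"))
        err = asset_error(asset)
        if err:
            problems.append((row_no, owner, f"bad asset {asset!r}: {err}"))
    return problems
```

Calling check_mapping(SAMPLE_TEMPLATE, SAMPLE_USERS) reports the case-mismatched owner, the user without an email, the unknown owner and the two malformed assets, each with its row number in the file.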

How Does It Work?

Update Owner Status

RLM conducts a background task every 60 minutes to update the status of RLM owners based on their status in SecureChange.

  • If an owner is deleted from SecureChange, or if the owner is a group with no members, RLM changes the status of the owner in the extension to inactive automatically.

  • If the user is added back to SecureChange, or new owners are added to the group, RLM can change the user to active.

In both cases, a one-time synchronization job runs at 2:00 am the following day to update rule ownership based on the new owners in RLM.

Mapped Owners and Rules

Once the Rule Owners are mapped to the rules (assets) for which they are responsible, a job runs (frequency depends on configuration settings) to retrieve rules that require a certification decision. The criteria for these rules include the following:

  • Rules that will expire based on the Rule Recertification settings.

  • Rules that have already expired.

  • Rules that do not have any certification.

  • Rules based on the source, destination, and service setting.

For more information, see Rule Recertification settings.

Rule Owners receive an email notification that they have rules which require a certification decision.

What Can I Do?