cancel
Showing results for 
Search instead for 
Did you mean: 
pbmdk
Level 7

export hips application policy to a file!

before opgrading to version 7 og hips I want to export hips application policys out with a script. where is the policys stored ???
0 Kudos
10 Replies
gerryrigney
Level 9

RE: export hips application policy to a file!

If you go to your policy catalogue in ePO, expand HIPS section you have the option to "Export all policies"

This will export them to a .xml file
0 Kudos
pbmdk
Level 7

oh no not that



No its not that policy I want to export. Its the policys on the client some have set the hips in learning mode and have more exceptions that the epo standard policyes.. thats what I want to export. can it be done?
0 Kudos
Raja
Level 9

RE: oh no not that

No, no possible.
0 Kudos
gerryrigney
Level 9

RE: oh no not that

You could always create a new policy in ePO then add the necessary client rules to it then export this new policy?
0 Kudos
GJohnson
Level 7

RE: oh no not that

So what you are saying is that if you create or learn policy's on the client they will not propegate to the server and vice versa? or am I reading this wrong...
0 Kudos
gerryrigney
Level 9

RE: oh no not that



I'm not sure who you were directing that question at?

However, if you set HIPS in learn (audit) mode it creates client rules which do get sent to the ePO server. Its then up to you to create rules based on these client rules.

e.g. we set HIPS in audit mode, we then looked at the client rules through ePO and created deny rules for all chat appplications that turned up.

hth
gr
0 Kudos
Raja
Level 9

RE: oh no not that

If client rules are not getting back to the ePO/HIP console, check you HIP policy translator task.
That translator task is how client rules get translated into policy.
0 Kudos
GJohnson
Level 7

RE: oh no not that

Ok, so we run the Property Translator (which is set to manual atm), and this still doesn't populate the server. :confused::confused:

Also, can you set it on the server to populate to the client? If so what are the procedures...:confused::confused:
0 Kudos
Raja
Level 9

RE: oh no not that

You need to check the properties of one of the nodes. Client learned rules are sent back to the server as node properties. The translator task adds them to the policy table. If the node doens't have extra data in the properties, then the learned rule are not getting back the ePO server.
0 Kudos