Summary

Creating and tuning policy for the CSA are processes that you must master and fully understand to ensure a successful installation. Creating a valid policy upfront and testing within controlled test and pilot phases can guarantee success. Upon initiation of the policy, you will most certainly be required to tune the policy and rules to fit your operating systems, applications, and other business needs. This tuning process continues through the life of the product as your deployment evolves to include controlling new applications and processes.

Although the majority of the tuning required is performed during the initial phases of the product installation, this task will also occur over the life of the product in limited fashion. The skills used during the tuning process, such as working intimately with the event viewing screens and building event sets, will also benefit administrators as they investigate attempted security-related occurrences prevented and monitored by the CSA systems. In the next chapter, you follow an installation of the CSA architecture from start to finish by creating and following a case study of a fictitious environment that you will install, tune, and monitor.