SYM_UNIX_TARGETED_PREVENTION_SBP V5.2.9 R30 [SUMMARY]
10-Jul-2015 02:41:24 PDT
Exported By: symadmin    from Server: Localhost Server



 Global Policy Options
 Built-in PSET Options
 Symantec Data Center Security Server Agent [sdcssagent_ps]
 Advanced Options
 Resource Lists
 Writable Resource Lists
 Allow modifications to these files
 List of files that can be modified
 Value="%agentinstallroot%/IDS/*"
 Value="%agentinstallroot%/IPS/*"
 Value="/var/run/sisipsdaemon.pid"
 Value="/var/run/sisidsdaemon.pid"
 Value="/devices/pseudo/sisips*"
 Value="/dev/sisips0"
 Value="/dev/sisips1"
 Value="/dev/sisips2"
 Value="%agentinstallroot%"
 Value="%loginstallroot%/*"
 Value="/etc/sisips/*"
 Value="/etc/sisipsutildaemon.pid"
 Value="/etc/sisipsdaemon.pid"
 Value="/etc/*sisipsagent.lck"
 Network Controls
 Inbound
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Do not log
 Outbound
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Do not log
 SysCall Options
 Allow mounting of filesystems
 Allow creation of hardlinks
 Allow creation of special files (mknod)
 Allow loading and unloading of kernel modules (modctl)
 Process Logging Options
 Log process assignment messages
 Log process assignment command line arguments
 Default PSET Options [default_ps]
 Network Controls
 Inbound
 Default inbound rule
 Default inbound rule action
 Allow
 Default inbound rule log setting
 Do not log
 Outbound
 Default outbound rule
 Default outbound rule action
 Allow
 Default outbound rule log setting
 Do not log
 SysCall Options
 Allow mounting of filesystems
 Allow creation of hardlinks
 Allow creation of special files (mknod)
 Allow loading and unloading of kernel modules (modctl)
 Process Logging Options
 Log process assignment messages
 Log process assignment command line arguments