Agent registration policies let you automate the agent registration process. An agent registration policy is a set of rules that determine how the incoming registration requests are processed. In the registration request content, Symantec Management Agent sends its host name, MAC address, IP address, FQDN, and logged on user data. The agent registration policy uses the registration request data and the rules that you define within the policy to decide if the request is allowed or blocked.
The default agent registration policy automatically allows all agents to communicate with Notification Server. You can modify the default policy or create custom policies to restrict the agents that can communicate with Notification Server. If no active policies are available, the status of each incoming registration request is set to pending.
You can view the registration requests in the Agent Registration Status report. You can access this report in the Symantec Management Console, under Reports > Notification Server Management > Registration.
In the Symantec Management Console, on the Settings menu, click All Settings.
In the left pane, under Settings, expand Agents/Plug-ins > Symantec Management Agent > Settings.
Right-click Registration Policies, and then click New > Registration Policy.
On the right pane, specify the settings of the agent registration policy as follows:
Lets you define different types of masks for agent identification using the request data. For example, you can define a host name mask, an IP address mask, and a logged on user name mask.
A single policy can contain unlimited number of masks of any type. During the mask matching process, Notification Server treats different mask types as logical AND operation and similar mask types as logical OR operation.
For example, a policy with the following masks allows registration of all agents that have the name that matches mask "*test" and their IP address is either 10.31.12.1, 10.31.12.2, or any from 255 IP addresses from the 10.31.15.0 subnet:
Host = *test
Asterisk is accepted for all rules except for IP address. If you want to specify an IP range in a rule, you must define it with the subnet mask. For example, instead of typing 10.31.15.*, you enter 10.31.15.0/24.
Lets you define the rule for complied agent processing with the following options:
The agents are automatically registered and you do not need to accept them manually.
Requests from these agents are declined.
Note that if two policies are applicable to a registration request, and one of them allows registration and the other blocks it, the blocking policy is applied to the request.
Turn on the policy.
At the upper right of the page, click the colored circle, and then click On.