Skip to main content

Example: Acceptable use policy

You can use the web notification module to force all users to view, then accept or decline an agreement, such as an acceptable use policy. The following example shows you how to set up a force-level policy agreement:

  1. Click Manage the system > Policies > User notifications > Web notifications.

  2. Click Add new….

  3. Type the notification ID and Description. The notification ID can only contain ASCII characters.

  4. Set the notification Severity to Forced.

    If the web browser is closed without the required action, the user must log out of the workstation.

  5. Set the Plugin to run to determine compliance to Query USERSTAT tag.

  6. Click Add.

    Bravura Security Fabric warns you that the compliance plugin requires configuration.

  7. Click the configure icon 3332.png next to the compliance plugin field.

  8. Configure parameters for agreement compliance:

    1. Direct users to external URL with the value PSNAUP.

      This is required for a policy compliance plugin and directs users to a page where they view and accept or decline agreement.

    2. Type a Message to display to a non-compliant user.

    3. In the Acceptable use policy section, click Enabled.

      Bravura Security Fabric displays policy configuration settings. Required settings are pre-configured with m4 tags that are defined in <instance>\design\src\z\psn.m4. The tags are mapped to macros defined in <instance>\design\src\common\<lang>-<locale>-language.kvg.

      m4 tag

      macro

      en-us-language.kvg definition

      !!!N_AUP_MESSAGE

      _PSN_AUP_TITLE

      Acceptable use policy

      !!!N_AUP_BUTTON_ACCEPT

      BUTTON_ACCEPT

      Accept

      !!!N_AUP_BUTTON_DECLINE

      BUTTON_DECLINE

      Decline

    4. Modify policy configuration settings to suit your policy.

      For example, you may want to add a lengthier message in multiple languages. You could add a custom macro AUP_MESSAGE and include it under the !!!N_AUP_MESSAGE tag in psntfsvc.m4, then define the macro in custom language kvg files.

      See Adding macros to messages to learn how to add custom tags and macros.

    5. Set the Tag that you want to evaluate to determine non-compliant users.

      For example, set the tag name to AUP (if the tag does not exist, the plugin creates it) and set it to ”must exist” and leave the value field blank. This will flag users who do not have the tag or the tag is blank.

  9. Click Update.

When a user clicks Accept, the AUP DONE event action is triggered. When a user clicks Decline, the AUP NOT DONE event action is triggered. You can configure these event actions in the Manage the system > Modules User notifications (PSN) menu.

2971.png

See also

Event actions (exit traps)

In this section: