Migrating legacy detection policy files, Converting legacy detection policy files – Symantec Critical System User Manual

111

Migrating to the latest version

Migrating legacy detection policy files

Migrating legacy detection policy files

Your legacy detection policy files may have both enabled and disabled rules. The
enabled and disabled status of the rules is also migrated.

Migration involves understanding the following processes and concepts:

■

Converting legacy detection policy files

■

Importing the zip file

■

Creating a new policy

■

Validating your rules

■

Validating rule types and criteria

■

About configuring an option group

■

Compiling your policy

■

Applying policies created and compiled in the authoring environment

Before attempting migration, you should be comfortable with using the
Symantec Critical System Protection authoring environment.

See the Symantec Critical System Protection Authoring Guide for instructions
creating and compiling detection policies.

You must also understand rule types, which is a new feature.

Converting legacy detection policy files

You run the policy conversion utility from a command prompt. The syntax is as
follows:

ITAHIDSpolicyMigration.exe

The policy conversion utility eliminates spaces in policy and rule names, and
supports conversion to policy files. This is accomplished using command line
switches.

The -p switch converts legacy detection policy files to Symantec Critical System
Protection detection policy files, and creates option groups for the policy so that
you can see the policy rules with the management console. The OS switches
convert OS-specific policies; if you do not specify an OS switch, then the
migrating ITA policies will be converted as Windows policies.