Creating a Security Profile
To distribute security resources across logical systems, you can create security profiles that specify the type and amount of resources to be allocated to a logical system. You can create security profile and bind it to more than one logical systems, if you want to allocate the same type and amount of resources to them.
When a device is discovered in Security Director for the first time, you can see the list of security profiles, if any, while creating a logical system. Alternatively, you can create security profiles in Security Director.
To create a security profile:
- Select Devices > Security Devices.
The Security Devices page is displayed.
- Select a root device and click Create Logical System.
The Create Logical System (LSYS) page is displayed.
- Click Add Bulk LSYS.
The Add Bulk Logical System (LSYS) page is displayed.
- Under Security Profiles, click the + icon.
The Create Security Profile page is displayed.
- Complete the configuration according to the guidelines given in Table 1.
- Click Save.
The Job Details page is displayed with the status of update security profile job. If the job is successful, the security profile is created.
Table 1: Security Profile
Security Profile Name
Enter a valid unique name. The name must contain only letters and numbers. Note that the security profile name must be unique for the selected root device.
Select the type of resource and allocate the reserved and maximum value for the selected resource.
Each security profile contains resources with a range based on the devices. You can manage the resources by allocating reserved and maximum values.
It guarantees that the specified resource amount is always available to the logical system. If a reserved quota is not configured for a resource, the default value is 0.
If a logical system requires more resource than its reserved amount allows, it can utilize resources configured for the global maximum amount if they are available—if they are not allocated to other logical systems. The maximum allowed quota specifies the portion of the free global resources that the logical system can use. The maximum allowed quota does not guarantee that the amount specified for the resource in the security profile is available.
If a maximum allowed quota is not configured for a resource, the global system quota for the resource is used as a default value. Global system quotas are platform-dependent.