HOW TO: Manage Policy Chain Settings in PGP Universal Server

book

Article ID: 180176

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

 

Resolution


This article provides administrators instructions on how to edit and manage Policy Chains to establish Mail Policy in PGP Universal Server.
 

Note: This answer pertains to PGP Universal Server 2.5.0 - 2.12.0.

 

Managing Policy Chains

Use these procedures to add, delete, and edit policy chains.

 

Caution: It is possible to export mail policy as an XML file, edit chains and rules directly in XML, and then import the edited file back into the PGP Universal Server. However, there is a higher risk of error using this method. You may want to edit mail policy directly in XML if you have a large number of changes to make at once, for example if you are migrating PGP Universal Server 2.0.6 proxy settings from multiple upgraded clustered Secondaries. Contact PGP Support (www.pgp.com/support) for help if you intend to edit mail policy in XML.


To Edit the Settings for a Policy Chain:
 

  1. Go to the Mail/Mail Policy Card and Click the name of the chain you want to edit. The Policy Chain card appears.
  2. Click Edit Policy Chain Settings.
  3. Type a new name for the policy chain, if necessary.
     
  4. Choose which applications, PGP Universal Server and PGP Desktop client, to which you want the rules in the chain to apply. You can choose to apply the rules to both Server and Client, to Server Only, or to Client Only.

    Rules that apply to the server only are enforced on the PGP Universal Server. Rules that apply to the client only are enforced on the client. Rules that apply to both server and client are enforced on both applications.

    Different conditions and actions will be available in the rules depending on whether the rules apply to PGP Universal Server, PGP Desktop, or both.

     
  5. Click Save.

 

To Create a New Policy Chain:
 

  1. Go to the Mail/Mail Policy Card and do one of the following:

         - Click the Add Policy Chain button.

         - From the Options list, select Import Policy Chains.

     
  2. To create a new chain, select Create New Policy Chain.

     
  3. Type in the name for the new chain.

     
  4. Choose which applications, PGP Universal Server and PGP Desktop client, to which you want the rules in the chain to apply. You can choose to apply the rules to both Server and Client, to Server Only, or to Client Only.

    Rules that apply to the server only are enforced on the PGP Universal Server. Rules that apply to the client only are enforced on the client. Rules that apply to both server and client are enforced on both applications.

    Different conditions and actions will be available in the rules depending on whether the rules apply to PGP Universal Server, PGP Desktop, or both.

     
  5. Click Save.

 

Deleting Policy Chains:
 

Caution: The Default and Default: Legacy Clients policies cannot be deleted, but you can delete or edit the rules within. The Default chains provide a necessary starting point in the mail policy for all message processing. If you delete or change the rules in the Default chains, it can make your mail policy invalid and prevent your messages from being processed.


 

  1. To delete one policy chain:

         a.  Click the Delete icon of the policy chain you want to delete.

              A confirmation dialog appears.

         b.  Click OK.

              The policy chain is removed from the mail policy list.

     
  2. Deleting multiple policy chains:

         a.  Click the checkbox at the far right end of the row of each of the policy chain you want to delete.

         b.  Select Delete Selected from the Options menu at the bottom right corner, or Delete All to remove all policy chains.

             A confirmation dialog appears.

         c.  Click OK.

              The policy chains are removed from the mail policy list.
     

Managing Rules

Adding Rules to Policy Chains:
 

  1. Go to the Mail/Mail Policy Card and Select the Policy Chain to which you want to add a rule.

    The Policy Chain card appears.

     
  2. Click Add Rule.

    The Add Rule card appears.

     
  3. Type in a name and description for the rule. The description should provide an explanation for what the rule does.

     
  4. Add conditions, actions, and keyserver locations, as needed.

 

Deleting Rules from Policy Chains:
 

  1. To delete a specified rule:

         a.  Go to the Mail/Mail Policy Card and Select the policy chain from which you want to delete a rule.

              The Policy Chain card appears.

         b.  Click the Delete icon of the rule you want to delete.

              A confirmation dialog appears.

         c.  Click OK.

              The rule is removed from the policy chain.

     
  2. To delete multiple rules:

         a.  Go to the Mail/Mail Policy Card and Click the checkbox at the far right end of the row of each of the rule you want to delete.

         b.  From the Options list, select Delete Selected, or Delete All to remove all rules.

              A confirmation dialog appears.

         c.  Click OK.

              The rules are removed from the policy chain.
     

Enabling and Disabling Rules:

 

Caution If you disable a rule in the policy chain, it could cause email to be processed incorrectly. Depending on how you have designed your policy chain, disabling rules may cause email to be sent unintentionally unencrypted, or to fall through the policy chain and not be sent at all.


An enabled rule is a rule that is turned on and being used to process email on the policy chain. A disabled rule is not deleted, but is not currently in use to process email through the policy chain.

 

  1. Go to the Mail/Mail Policy Card.
  2. Click the checkbox at the far right end of the row of each of the rule you want to enable or disable.

     
  3. Click Save.

     
  4. The rule is now either enabled or disabled.