Sample policies

Seven sample policies are shipped with Symantec ESM. After installing Symantec ESM, make copies of the sample policies, then rename and edit the copies to implement your company's security policy.

The following sample policies are shipped with Symantec ESM and let you begin with the most basic security issues and resolve any weaknesses before proceeding to the next level of complexity:

Phase 1	The Phase 1 policy includes the following modules: Account Integrity Disk Quota Encrypted File System File Watch Login Parameters Network Integrity OS Patches Password strength Startup Files System Auditing
Phase 2	The Phase 2 policy includes the following modules in addition to the modules in Phase 1: File Attributes Object Integrity Registry User Files
Phase 3	Phase 3 policies let you apply different standards to various networks or computers, such as Relaxed for development or testing, Cautious for production, and Strict for sensitive areas such as finance or strategic planning. Phase 3 has the following types: Phase 3:a Relaxed Includes all modules in Phase 2 with more security checks enabled Phase 3:b Cautious Includes all modules in Phase 3:a with more security checks enabled and the Backup Integrity module Phase 3:c Strict Includes all modules in Phase 3:b with more security checks enabled
Queries	The Queries policy reports account information and file permissions. It includes the following modules: Account Information Discovery File Watch User Files
Dynamic Assessment	The Dynamic Assessment policy integrates your customized scripts and programs with Symantec ESM. It uses the Integrated Command Engine (ICE) module.