A Peek Inside ConfigOS MPO’s Key Features: Rapid Policy Debugger

Written by Jamie McCoard, SteelCloud Development Manager

What is MPO’s Rapid Policy Debugger Feature?

The Rapid Policy Debugger or RPD allows the ability to select a subset of controls from the associated policy of an endpoint to run a manual scan or remediation.

Why Use MPO’s RPD?

This feature is great for debugging a policy, especially when searching for one or more controls that may impact others or cause an undesired impact on your endpoint. An undesired impact could be where a control’s requirement blocks access to an application that is needed for day-to-day operations. A control that you may need a waiver for or an updated acceptable compliance and remediation value.

RPD is typically used for debugging remediation changes but can be used for gathering a subset of scan results.

Usage of MPO’s RPD

A user must have the permission of “Can Perform Rapid Policy Debug” or “Administrator” to use the RPD feature.

With permissions enabled, from the Scan and Remediate area on the header bar the “Rapid Policy Debugger” toggle will be displayed to the left of the selected job counters.

Turn on the toggle. It will show green when the indicator is shifted to the right.

From the infrastructure tree, check the box to the left of an endpoint to debug. It will add the endpoint to the Scan and Remediate list. Set the job type of Remediation on the left mode selector. Expand the endpoint to view the policies attached, then expand the policy to see the list of controls within that policy.

The controls are listed in alphabetical order. Check the box to the left of the control to set it to run for the manual job.

There are several ways to select controls for usage with the RPD:

• For selection many controls that are together, use the shift key. Select the top desired control, hold shift key down and select the bottom desired control. With the rows highlighted, right click and select “Debug on”.
• For selection controls that are not together, use the ctrl key. Hold down the control key and select each row to highlight it. With the rows highlighted, right click and select “Debug on”.
• Right click in the controls list and select “Debug all” to check all controls for all policies for all endpoints.

Use the run button to start the job. Upon completion of running the selected controls it will display inline status for each selected control as well as the ability to review the job results in the Results area.

Check over the endpoint to determine the selected controls impact.

Use the immediate rollback on the select controls to aid in the discovery of failings between testing the next set of RPD controls.

Run the new subset of controls until you find one or more that are causing conflicts with the expected endpoint. Be wary that it could be a combination of controls.

Conclusion

Use Rapid Policy Debugger to help discover improvements to harden your application stack in a pre-production environment.

If you have any questions, reach out to us to schedule a demo!