Novell Doc: Sentinel 6.1 Rapid Deployment User Guide

16.1 Solution Packs

Controls within a Solution Pack can include the following types of content:

Correlation rule deployments, including deployment status and associated correlation rules, correlation actions, including JavaScript plug-ins and integrators, and dynamic lists
Reports
iTRAC workflows, including associated roles
Event enrichment, including map definitions and event meta tag configuration
Other associated files added when the Solution Pack is created, such as documentation, example report PDFs, or sample map files.

Although Solution Packs have many uses, one of the most important use is to package content related to governance and regulatory compliance into a comprehensible and easily enforceable framework that is easy to deploy. Novell and its partners offer and extend Solution Packs around such regulations or other customer needs.

Solution Packs are created with Solution Designer application. Using this tool, a user creates the Solution Pack, associated controls and documentation (including implementation and testing steps), and then associates Sentinel content with each control. The entire package is then exported as a ZIP file.

The ZIP file containing the Solution Pack is imported and deployed into an existing Sentinel system by using the Solution Manager in the Sentinel Control Center. The Solution Manager displays implementation and testing steps in the Solution Pack and tracks the status of each control. At any time, users can generate a detailed document with implementation status for each control.

16.1.1 Components of a Solution Pack

Solution Packs consist of categories, controls, content, and content groups. These components are represented in a hierarchy. The following image depicts the hierarchy in a Solution Pack:

Figure 16-1 Solution Pack Hierarchy

The table below describes each level in a Solution Pack hierarchy.

Table 16-1 Solution Pack Hierarchy Levels

Icon	Name	Description
	Solution Pack	Solution Pack is the root node in the content hierarchy. Each Solution Pack can contain one or multiple category nodes.
	Category	Category is a conceptual classification. Each category can contain one or multiple controls.
	Control	Control is another level of classification, which often corresponds to a particular control defined by a set of regulations. Each control can contain one or multiple content groups.
N/A	Content Group	A content group is a set of related content. There are several types of content groups, such as reports, correlation rules, and event configurations, each with its own icon.

The table below describes the types of content groups and the content that they contain.

Table 16-2 Table 14‑2: Types of Content Group

	Event Configuration	A content group that contains a map definition and the configuration of one or more related Sentinel meta tags. This icon is also used for the meta tag configuration definition.
	Map	Indicates the map definition instance.
	Workflow	A content group that contains an iTRAC workflow template and any associated roles. This icon is also used for the iTRAC workflow template itself.
	Role	Indicates a role used in a workflow.
	Correlation Rule	A content group that contains a correlation rule, the namespace in which it is stored, and any associated correlation actions or dynamic lists. This icon is also used for the correlation rule definition.
	Namespace	Indicates a namespace Instance in which the correlation rule is stored.
	JavaScript Action Plugin	Indicates a JavaScript Action plug-in.
	JavaScript Action	Indicates a configured JavaScript Action instance.
	Integrator Plugin	Indicates an Integrator plug-in.
	Integrator	Indicates a configured Integrator instance.
	Action	Indicates an Action configuration for a correlation action.
	Correlation Rule Deployment	Indicates the correlation rule deployment.
	Report	A content group that contains a JasperReport. This icon is also used for the .rpt report file.
	Dynamic List	Indicates a dynamic list.

16.1.2 Permissions for Using Solution Packs

To use the Solution Manager or Solution Designer, a user must be assigned the necessary permissions in the User Manager.

Log into the Sentinel Control Center as a user with permissions to use the User Manager.
Go to the Admin tab.
Open the User Configuration folder.
Open the User Manager window.
Click the Permissions tab.
Select Solution Designer, Solution Manager, or Solution Pack, which automatically selects both child permissions. The new permissions are applied the next time the user logs in.