Creating and managing staging policies
To test risk policy changes before putting them into production, you can create a staging policy that is associated with the risk policy that you’re currently using.
About this task
When an evaluation event occurs for the production risk policy, the incoming risk data is also passed through the staging policy affiliated with the production policy, creating two sets of risk evaluation data: one for the production policy and one for its associated staging policy.
Staging policies are set to expire after 3 months, and the expiration date is displayed next to the risk policy name.
When a staging policy expires, incoming risk data is no longer passed through the staging policy for evaluation.
Go to Threat Protection → Risk Policies:
Steps
-
To create a staging policy, click the More Options (⋮) icon for the policy and select Create staging policy.
Result:
A policy editing window opens, and you can make the changes that you want to test.
-
To promote the staging policy to production, click the More Options (⋮) icon for the policy, and select Promote to production.
Result:
When you promote a staging policy to production:
-
The settings in the staging policy are copied to production and replace the production policy settings. The policy name and ID remain the same.
-
The staging policy is deleted from the Risk Policies list.
A staging policy can be promoted to production even if it has expired.
-
-
To delete a staging policy, click the More Options (⋮) icon and select Delete.