User Guide

318 Chapter 7 TunnelGuard SRS Builder

320818-A

Configuring SRS rules

The building blocks used to construct the Software Requirement Set (SRS) are

files (or combinations of files) and registry key settings that must either be present

or be absent on the client host. You can create different SRS rules for different

groups.

You must use the TunnelGuard SRS Builder in the SREM to create or modify SRS

rules. You cannot create your own SRS rules using the CLI.

You can use the TunnelGuard quick setup wizard in either the CLI or the SREM to

create a test rule (

srs-rule-test), which you can subsequently modify using

the TunnelGuard SRS Builder. To create the test rule, see “Using the quick

TunnelGuard setup wizard in the CLI” on page 134 or “Using the TunnelGuard

Quick Setup in the SREM” on page 172. The test rule tests for the presence of the

following file on the client host:

C:\tunnelguard\tg.txt

To create an SRS rule, perform the following steps:

1 Create a software definition (see “Creating a software definition” on

page 327)

2 Add entries to the software definition (see “Adding entries to a software

definition” on page 328 and “Creating a registry entry” on page 341)

3 Create logical expressions (see “Creating logical expressions” on page 333)

The TunnelGuard user interface

To learn more about an item, select one of the following topics:

• “Menu commands” on page 319

• “SRS definition toolbar” on page 322

Note: When creating an SRS rule, consider the user rights that clients in

your network have on their machines. For example, do not configure an

SRS rule to check for registry items that users may not be authorized to

access.