🔔 Recent activity
Loading…
Policies
Loading…
📐 How policies apply across mixed fleets
Four targeting layers (use the highest one that fits):
- Tag —
env:prod AND compliance:pci→ cross-cuts vendors and asset types. Most durable. - Asset group — saved query like "DC1 crown jewels".
- Asset type / vendor — when the syntax matters (e.g. only Cisco IOS).
- Individual asset — escape hatch for one-offs.
Same intent, different vendors → automatic. One Unified Policy IR fans out via per-vendor translators (Cisco IOS, NX-OS, Arista, Palo Alto, Juniper, Aruba…) so you author once, SafeCadence emits the right CLI per device.
Asset can't comply? Add an exception with reason + expiry + compensating control instead of weakening the policy.
| Policy | Targeting | Matched | Last eval | Status |
|---|---|---|---|---|
| Loading… | ||||