BANNER_CHECK Checks

The BANNER_CHECK policy item checks whether the configuration content matches the content provided by normalizing the values to use common newline, escaping patterns, and stripping white space from the beginning and end of the policy text.

Usage

<custom_item>

type: BANNER_CHECK

description: ["description"]

item: ["config item"]

content: ["banner content"]

(optional) is_substring: [YES|NO]

</custom_item>

Keywords

Keyword Description
item

The configuration items present on the target for managing banner output. The following items are supported for evaluation:

  • inline welcome-banner

  • inline sshv2-welcome-banner

  • inline banner login

  • inline pre-authentication-terms

Example:

<custom_item>

type : BANNER_CHECK

description : "inline welcome-banner is configured"

item : "inline welcome-banner"

content : "** No Unauthorized Access **"

</custom_item>

content

The content is the expected banner content. New lines in the banner are automatically processed through functions that determine delimiters and context.

Example:

<custom_item> type : BANNER_CHECK description : "inline sshv2-welcome-banner is configured"

item : "inline sshv2-welcome-banner"

content : "All access is monitored and recorded."

</custom_item>

is_substring

(Optional) The is_substring flag allows location-specific information to be placed in a banner. By setting to YES, the expected banner can be a substring of the config, and not require a full match.

Example:

<custom_item> type : BANNER_CHECK description : "inline sshv2-welcome-banner is configured - with is_substring" item : "inline sshv2-welcome-banner" content : "access is monitored" is_substring : YES

</custom_item>