Policy Best Practices › Create a Phone Home Policy

More Information

Controlling the Phone Home Policy

Create a Phone Home Policy

In addition to the traditional subnet discovery methods, there is also the option to create and use a Phone Home policy on CA TM clients. At a defined schedule, the CA TM client sends a notification and policy consistency check to the CA TM Server. If the local IP range of the client does not exist, Phone Home creates the subnet in the Subnets area on the Discovery tab in the Threat Management Console.

In addition, you can further control the subnet creation process using the following registry keys, AllowedSubnets, and UnallowedSubnets.

These are located in the CA TM registry branch under CurrentVersion\NameServer. The format of the IP ranges can be as follows and delimited with a comma:

By default the CA TM Console will not automatically generate subnets for the following addresses:

To create a Phone Home policy

  1. Log into the CA TM Console.
  2. Click on Policy Management.
  3. For Application select Common, and for Type select Phone Home.
  4. Click on Schedule, and then specify how often you want the client machines to contact to the CA TM Sever.

    Enter ITM Host Name in Phone Home Policy

  5. Click Additional, and enter the following information:
    1. In the Host Server field enter the name of the CA TM Server machine.
    2. In the Approved Server field enter the IP address of the CA TM Server machine.

      Note: If you are using multiple CA TM Servers, separate each IP adress with a comma.

    3. Click on Apply.

      Enter Host Name of ITM Server

  6. Click Assign and select the branches to which you want to assign the policy.
  7. Click Assign Branches.

    The policy is assigned to the specified branches.

Copyright © 2009 CA. All rights reserved.