Threat Prevention Policy Template

The template consists of predefined settings for Threat Prevention policy capabilities, such as Web & Files Protection, Behavioral Protection and so on.

Creating a Threat Prevention Policy Template

00:00: Harmony Endpoint allows Managed Security Service Providers to manage policies of their child accounts from a central location. This video shows how to create a custom Threat Prevention policy template in the MSSP account and attach it to a child account. 00:17: Log in to the Infinity Portal and access the Harmony Endpoint Administrator Portal with the MSSP account. 00:24: Go to Policy and click MSSP View and then select Threat Prevention under Template Repository. 00:31: Select the default template and click "Clone" to duplicate it. 00:35: Select the cloned template and in the Capabilities and Exclusions pane, make the necessary changes for the capabilities including Advanced Settings. 00:44: Click Save. Now that you have created the template in the MSSP account, you need to link it to the child account. 00:51: To do that, log in to the Harmony Endpoint Administrator Portal using the child account and click Policy. 00:58: Go to Threat Prevention. Click Policy Capabilities and select a device policy. make sure that the policy is connected 01:06: In the Capabilities and Exclusions pane, from the MSSP template list, select All templates. 01:12: Choose a template and click Select. 01:15: Note that selected template's name appears with a MSSP tag for the policy. Click Save and Install the policy. 01:23: After the policy is installed, notice that the policy capability settings are disabled and the changes to the template from the MSSP account are automatically applied to the child account. 01:35: The template widget in the MSSP account shows the child accounts and the capabilities associated with a template. 01:42: Thank you for watching the video.

  1. Access the Harmony Endpoint EPMaaS Administrator Portal with the MSSP account.

  2. Click Policy > MSSP View > Template Repository > Threat Prevention.

  3. Select the Default template and click Clone.

  4. Select the cloned template and in the Capabilities and Exclusions pane, do these:

    1. In the Name field, edit the name. For example, Default Settings for All Customers.

    2. (Optional) In the Description field, enter a description.

    3. To add exclusions, click Exclusions Center. See Adding Exclusions to Rules.

    4. Configure these capabilities, including Advanced Settings:

  5. Click Save.

Attaching the Threat Prevention Policy Template to a Child Account

  1. Access the Harmony Endpoint EPMaaS Administrator Portal with the child account.

  2. Go to Policy > Threat Prevention > Policy Capabilities.

  3. Select the policy in the table.

    Note - Make sure the ruleClosed Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session. is for devices only and it is Connected. To view device specific rules, change the policy operation mode to Mixed. For more information, see Unified Policy.

  4. In the Capabilities and Exclusion pane, from the MSSP template list, select All templates.

    The MSSP Templates window appears.

  5. Select the template from the left pane and click Select.

  6. Click Save & Install.

After the policy is installed, the policy capability settings are disabled (Read-only) and the changes to the template from the MSSP account are automatically applied to the child account.

Viewing the Accounts Attached to a Template

  1. Access the Harmony Endpoint EPMaaS Administrator Portal with the MSSP account.

  2. Click Policy > MSSP View > Template Repository > Threat Prevention.

    Used by shows the number of child accounts attached to the template.

  3. To view the child accounts, click the number. The MSSP Templates pop-up appears and shows the details:

    Column Name

    Description

    Account name

    Child account name.

    Rule name

    Policy rule name that uses the template in the child account.

    Status date

    Last date and time in the server when the child account checked for the template updates.

    Status

    Status of the last update.

    • Success - The child account received the latest updates from the template.

    • Failed - The child account failed to receive the latest updates from the template.