Policy Operation

The new policy operation mode allows greater flexibility to the user by proving him with a choice of capability rule applicability. While under the old policy calculation the rule type of each capability determined whether the capability can work on user or computer, under the new policy the user has the ability to define for himself which method he wants the capability to work in (except in cases where it only makes sense for the capability to apply to users or computers, but not both).

In this new operation mode, most capabilities are "mixed", which means they can function per users or computers, according to the user's choice. In each capability, the rules are ordered both by their assigned environment, from the specific down to the general, as well as by user/computer applicability: the first rule applies to the users, and if no match is found, the following rules apply to computers/devices as well.

To view the Policy Operations Mode page, click Endpoint Settings > Policy Operations Mode.

Old Policy Calculation Mode

Component

Rule Type

Full Disk Encryption Computer only
Media Encryption & Port Protection Computer (default) / User
Onecheck User only
Anti-Malware Computer (default) / User
Anti-Ransomware, Behavioral Guard & Forensics Computer only
Anti-Bot & URL Filtering Computer (default) / User

Threat Emulation, Threat Extraction & Anti-Exploit

Computer (default) / User

Compliance

Computer (default) / User

Firewall

Computer (default) / User

Access Zones

Computer (default) / User

Application Control

Computer (default) / User

Client Settings

Computer (default) / User

.