Policy

In the Policy tab, you can configure granular policies for different device groups. Granular policies let you apply stronger security controls to specific groups, for example, enable more security controls for your VIPs.

To create device groups, see Adding a Device Group. You can also apply policies to individual devices, but using groups allows better scalability.

To enforce the policy on the end-user device, the end-user or the UEM Unified Endpoint Management. An architecture and approach that controls different types of devices such as computers, smartphones and IoT devices from a centralized command point. must grant the permissions listed in Permissions and Features Dependencies.

Note - To verify whether the latest policy is enforced on the mobile device, check the time stamp of the last policy update on the Harmony Mobile Protect app: In Android devices, tap the three dots > Settings > About. In iOS devices, tap the three dots > About > Policy.

Rulebase

When you open the Policy tab, the Rulebase displays a rulebase list with the Global policy profile as default.

When you add new policy profiles, they are added to the rulebase to apply them on the appropriate device groups.

The rules are processed in order from top to bottom (aka first-match). Once a match for the device is made, that policy is applied to the device. For example, if a device matches two policies, the highest-ranked matching policy is applied to the device.

Best Practices : Place the most specific policies higher in the list. Keep the Global policy at the bottom of the list. To reorder policies, drag the rule Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session. number up or down.

To activate a policy and apply it to a device group:

1. Click or .

   A new line is added to the rulebase list.

   

2. Enter these:

   1. Rule Name

   2. Select the devices or device groups from the list.

   3. Select the policy profile from the list.

      For more information, see Policy Profiles.

   4. (Optional) Enter a comment.

3. Click Save.

4. To move a rule, click the rule # up or down, drag and drop as required.

5. To view all changes before you save them, click and then click View Changes.

   

6. Click Save.

Policy Configuration

You can set one of these risk levels to a device for a security event:

• Risk level (Default) - For example, No Risk (Default).

• High (Device Alert)

• Medium (Device Alert)

• Medium (No Device Alert)

• Medium (Dismissive Device Alert)

• Low (No Device alert)

• No Risk

Notes: Risk level (Default) – If you select a default risk level, the system automatically changes the default risk value based on its analysis. Other risk values - Administrator must set the value manually. The value does not change automatically by system detection.