Print Download PDF Send Feedback

Previous

Next

Working with Rules

A rule is a set of predefined actions that a Software Blade does to enforce security on specified users and computers. Each Software Blade has one default rule that applies to all endpoint computers and users that are not assigned to a different rule. You can change the default rule settings, but you cannot delete it.

Each rule contains one or more:

Inheritance and Rule Priority

The default rule, located at the top of each blade section, applies to all users and computers that are not protected by a different rule. User-defined rules show below the default rule.

Endpoint Security assigns the matching first rule (after the default rule) for each blade.

The first Other Rule that a user or computer matches for each blade is applied. If no Other Rule matches, the default rule applies.

For example, user Jane Collins is in the Human Resources department and uses a laptop.

Make sure that rules for specified users or computers are located above those for groups and containers they are members of. For example:

Creating New Policy Rules

Each Software Blade has a default rule in the Policy Rule Base. The default rule applies to the Entire Organization unless there are Other Rules that match a user or computer.

If you create more rules for a blade, the first rule that a user or computer matches in the Other Rules section is applied.

To create a new policy rule:

  1. Right-click in a policy rule to create a new rule for the same blade.

    The Create Rule Wizard opens.

  2. On the Select Enforcement state page, select Add Rule for and select a state:
    • When Connected
    • When Disconnected (only shows when applicable for that blade)
    • When Restricted (only shows when applicable for that blade)
  3. On the Select Entities page, select those OUs, groups or individuals that this rule applies to.
  4. On the Change Policy Actions, right-click the applicable actions and configure as necessary.
  5. On the Finish page, enter a descriptive Name and optionally Comments.
  6. Click Finish.
  7. Click Install to install the policy on Endpoint Security clients.