Rule Types for Each Endpoint Security Component

The table shows if the policy for each Endpoint Security component is enforced for each user or for each computer (the Rule Type).

The table also shows that you can define a Connected policy for all components. For some components you can also define Disconnected and Restricted policies.

Note - Deployment Rules are defined for computers, not for users.

Component	Rule Type	Connected	Disconnected	Restricted
Full Disk Encryption A component on Endpoint Security Windows clients. This component combines Pre-boot protection, boot authentication, and strong encryption to make sure that only authorized users are given access to information stored on desktops and laptops. Acronym: FDE.	Computer
Media Encryption & Port Protection A component on Endpoint Security Windows clients. This component protects data stored on the computers by encrypting removable media devices and allowing tight control over computers' ports (USB, Bluetooth, and so on). Acronym. MEPP.	User
OneCheck OneCheck settings define how users authenticate to Endpoint Security client computers. User Settings	User
Capsule Docs A component on Endpoint Security Windows clients. This component provides security classifications and lets organizations protect and share documents safely with various groups - internal and external.	User
Anti-Malware A component on Endpoint Security Windows clients. This component protects clients from known and unknown viruses, worms, Trojan horses, adware, and keystroke loggers.	User
SandBlast Agent Anti-Ransomware, Behavioral Guard and Forensics	Computer
SandBlast Agent Anti-Bot Check Point Software Blade on a Security Gateway that blocks botnet behavior and communication to Command and Control (C&C) centers. Acronyms: AB, ABOT.	User
SandBlast Agent Threat Extraction Check Point Software Blade on a Security Gateway that removes malicious content from files. Acronym: TEX., Emulation and Anti-Exploit	User
Compliance Check Point Software Blade on a Management Server to view and apply the Security Best Practices to the managed Security Gateways. This Software Blade includes a library of Check Point-defined Security Best Practices to use as a baseline for good Security Gateway and Policy configuration.	User
URL Filtering Check Point Software Blade on a Security Gateway that allows granular control over which web sites can be accessed by a given group of users, computers or networks. Acronym: URLF.	Computer
Firewall	User
Access Zones	User
Application Control Check Point Software Blade on a Security Gateway that allows granular control over specific web-enabled applications by using deep packet inspection. Acronym: APPI.	User
Client Settings	User