Compliance

The Compliance component of Endpoint Security makes sure that endpoint computers comply with security rules that you define for your organization. Computers that do not comply show as non-compliant and you can apply restrictive policies to them.

The Compliance component makes sure that:

• All assigned components are installed and running on the endpoint computer.

• Anti-Malware is running and that the engine and signature databases are up to date.

• Required operating system service packs and Windows Server updates are installed on the endpoint computer.

• Only authorized programs are installed and running on the endpoint computer.

• Required registry keys and values are present.

  Note - Registry and File Version checks are not relevant for macOS

If an object (for example an OU or user) in the organizational tree violates its assigned policy, its compliance state changes, and this affects the behavior of the endpoint computer:

• The compliant state is changed to non-compliant.

• The event is logged, and you can monitor the status of the computer and its users.

• Users receive warnings or messages that explain the problem and give a solution.

• Policy rules for restricted computers apply. See Connected, Disconnected and Restricted Rules.