Configuring Endpoint Policy

The security policy in the Endpoint Web Management Console contains these components:

  • Threat Prevention - which includes Web & Files Protection, Behavioral Protection and Analysis & Remediation. The Threat Prevention policy is unified for all the Threat Prevention components. This is different than the Policy Rule Base in SmartEndpoint, where each Workspace Security component has its own set of rules.

  • Data Protection - which includes Full Disk Encryption.

In addition, the Endpoint policy contains the Global Policy Settings (see Configuring Global Policy Settings) and the Deployment Policy (see Deploying Endpoint Clients).

You can add more rules to each Rule Base and edit rules as necessary. Changes are enforced after the policy is installed.

When you plan the security policy, think about the security of your network and convenience for your users. A policy should permit users to work as freely as possible, but also reduce the threat of attack from malicious third parties.

The security policy has these on-screen options:

  • User-Based Policy - Policy is arranged by blades, each blade has its own set of rules (same as the SmartEndpoint view)

  • Computer-Based Policy - Policy is arranged by the protected scope. Each rule contains the protected scope and the blades which are activated for that protected scope.

To switch between the views, go to Endpoint Settings > Policy Operation Mode.