Rule Types for Each Endpoint Security Component

The table shows if the policy for each Endpoint Security component is enforced for each user or for each computer (the Rule Type).

It is also possible to define a Connected policy for all components.

For some components you can also define Disconnected and Restricted policies.

For instructions on how to change policy type, see the "Policy Operation" section in the R81 Harmony Endpoint Web Management Administration Guide.

Note - Deployment Rules are defined for computers, not for users.

Old Policy Calculation Mode

Component	Rule Type
Full Disk Encryption A component on Endpoint Security Windows clients. This component combines Pre-boot protection, boot authentication, and strong encryption to make sure that only authorized users are given access to information stored on desktops and laptops. Acronym: FDE.	Computer only
Media Encryption & Port Protection A component on Endpoint Security Windows clients. This component protects data stored on the computers by encrypting removable media devices and allowing tight control over computers' ports (USB, Bluetooth, and so on). Acronym. MEPP.	Computer (default) or User
OneCheck OneCheck settings define how users authenticate to Endpoint Security client computers. User Settings	User only
Anti-Malware A component on Endpoint Security Windows clients. This component protects clients from known and unknown viruses, worms, Trojan horses, adware, and keystroke loggers.	Computer (default) or User
Anti-Ransomware, Behavioral Guard and Forensics	Computer only
Anti-Bot Check Point Software Blade on a Security Gateway that blocks botnet behavior and communication to Command and Control (C&C) centers. Acronyms: AB, ABOT. and URL Filtering Check Point Software Blade on a Security Gateway that allows granular control over which web sites can be accessed by a given group of users, computers or networks. Acronym: URLF.	Computer (default) or User
Threat Emulation Check Point Software Blade on a Security Gateway that monitors the behavior of files in a sandbox to determine whether or not they are malicious. Acronym: TE., Threat Extraction Check Point Software Blade on a Security Gateway that removes malicious content from files. Acronym: TEX. and Anti-Exploit	Computer (default) or User
Compliance Check Point Software Blade on a Management Server to view and apply the Security Best Practices to the managed Security Gateways. This Software Blade includes a library of Check Point-defined Security Best Practices to use as a baseline for good Security Gateway and Policy configuration.	Computer (default) or User
Firewall	Computer (default) or User
Access Zones	Computer (default) or User
Application Control Check Point Software Blade on a Security Gateway that allows granular control over specific web-enabled applications by using deep packet inspection. Acronym: APPI.	Computer (default) or User
Client Settings	Computer (default) or User