Managing policies

The applications installed on client devices are centrally configured by defining policies.

Policies created for applications in an administration group are displayed in the workspace, on the Policies tab. Before the name of each policy, an icon with its status is displayed.

After a policy is deleted or revoked, the application continues working with the settings specified in the policy. Those settings subsequently can be modified manually.

A policy is applied as follows: if a device is running resident tasks (real-time protection tasks), they keep running with the new setting values. Any periodic tasks (on-demand scan, update of application databases) that are started keep running with the values unchanged. Next time, they will be run with the new setting values.

Policies for applications with multitenancy support are inherited to lower-level administration groups as well as to upper-level administration groups: the policy is propagated to all client devices on which the application is installed.

If Administration Servers are structured hierarchically, slave Administration Servers receive policies from the master Administration Server and distribute them to client devices. When inheritance is enabled, policy settings can be modified on the master Administration Server. After this, any changes made to the policy settings are propagated to inherited policies on slave Administration Servers.

If the connection is terminated between the master and slave Administration Servers, the policy on the slave Server continues, using the applied settings. Policy settings modified on the master Administration Server are distributed to a slave Administration Server after the connection is re-established.

If inheritance is disabled, policy settings can be modified on a slave Administration Server independently from the master Administration Server.

If the connection between Administration Server and a client device is interrupted, the client device starts running under the out-of-office policy (if it is defined), or the policy keeps running under the applied settings until the connection is re-established.

The results of policy distribution to the slave Administration Server are displayed in the policy properties window of the console on the master Administration Server.

The results of policy distribution to client devices are displayed in the policy properties window of the Administration Server to which they are connected.

Do not use private data in policy settings. For example, avoid specifying the domain administrator password.

In this section

Creating a policy

Displaying inherited policy in a subgroup

Activating a policy

Activating a policy automatically at the Virus outbreak event

Applying an out-of-office policy

Modifying a policy. Rolling back changes

Comparing policies

Deleting a policy

Copying a policy

Exporting a policy

Importing a policy

Converting policies

Managing policy profiles

See also:

About multi-tenant applications

Page top