The applications installed on client devices are centrally configured by defining policies.
Policies created for applications in an administration group are displayed in the workspace, on the Policies tab. Before the name of each policy, an icon with its status is displayed.
After a policy is deleted or revoked, the application continues working with the settings specified in the policy. Those settings subsequently can be modified manually.
A policy is applied as follows: if a device is running resident tasks (real-time protection tasks), they keep running with the new setting values. Any periodic tasks (on-demand scan, update of application databases) that are started keep running with the values unchanged. Next time, they will be run with the new setting values.
Policies for applications with multitenancy support are inherited to lower-level administration groups as well as to upper-level administration groups: the policy is propagated to all client devices on which the application is installed.
If Administration Servers are structured hierarchically, secondary Administration Servers receive policies from the primary Administration Server and distribute them to client devices. When inheritance is enabled, policy settings can be modified on the primary Administration Server. After this, any changes made to the policy settings are propagated to inherited policies on secondary Administration Servers.
If the connection is terminated between the primary and secondary Administration Servers, the policy on the secondary Server continues, using the applied settings. Policy settings modified on the primary Administration Server are distributed to a secondary Administration Server after the connection is re-established.
If inheritance is disabled, policy settings can be modified on a secondary Administration Server independently from the primary Administration Server.
If the connection between Administration Server and a client device is interrupted, the client device starts running under the out-of-office policy (if it is defined), or the policy keeps running under the applied settings until the connection is re-established.
The results of policy distribution to the secondary Administration Server are displayed in the policy properties window of the console on the primary Administration Server.
The results of policy distribution to client devices are displayed in the policy properties window of the Administration Server to which they are connected.
Do not use private data in policy settings. For example, avoid specifying the domain administrator password.