Dear community,

I am deploying the Harmony Endpoint client via dynamic package to my users, and I would like to know how to manage the different blades moving forward.

Right now, I have only enabled a subset of the blades to match what I is needed at the moment, in order to reduce the package size and not enabled unnecessary blades that I won't be using at the moment:

- Enabled (ticked): URL Filtering, RA VPN, Compliance

- Disabled (unticked): Anti-Malware, all of Data Protection, Capsule Docs, Firewall & App control

I have attached some screenshots to illustrate the above.

For example, aside being more optimal and to reduce the package size, I have especially disabled the Data Protection features in the package because I don't want to use the encryption policies, I have not found a way to disable the default encryption policies in the Harmony Endpoint interface and they apply by default, so to avoid any issues I just disabled them on the package. Is there something I missed here?

In addition, I would like to understand if there are best practices on how to manage blades in case there are changes in the future, I have not seen this part really detailed in the admin guide. For example, if in the future I want to enable Anti-Malware or Firewall & App control, is it enough to just configure it in the Harmony Endpoint Policy and push it to the client to update their settings and enable it? Or it won't work since the blade is disabled on the package that was installed on the devices? Does that mean that to enable new blades I need to reinstall/push a new package with those blades enabled? If that's the case it's not really practical..

I would be glad to hear some feedback if you have been using the Harmony Endpoint solution and if you have best practices regarding the above or in general.

Thank you.