Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
vinceneil666
Advisor
Jump to solution

Sandblast Agent (Harmony Endpoint), Virtual groups.

Yo,

So I operate quite large number of clients, and have them all divided into virtual groups relating to whoe get which policy and so on..

As an example I have a "General servers", "Special Servers", "Laptops".. etc . etc. I have also created a "Troubleshoot" virt group where I want to place clients as I see the need...

So, lets say I have 40 machines in the "General Servers" virt group, the policy for these are located all they way down below all the other policies attached to other virt groups ( I dont know if this actually means anything ? the numbering/priority? )

I have mye "Troubleshoot" group all the way at the top.

My Troubleshoot group has pretty much everything turned off, and the "General servers" have a lot turned on.

If I add a machine, that still is member of the "General Servers" group to the "Troublshoot" group in addition ? .. what is the expected outcome ? -- will the "Troubleshoot" group take some kind of presedence and remove all functionality - even though there is another policy further "down" the road ? 

Hope i explained myself ok ? 😄 

0 Kudos
1 Solution

Accepted Solutions
Igor_Moskowitz
Employee
Employee

Hi vinceneil666,

you explained it very well 🙂 and this it how it works. The policy is run from top to bottom and the logic is first match. So the rule above will always be enforced You can also see it directly on the client. The rule name and version nr. to check it:

policy rules.png

Regards,
Igor

View solution in original post

0 Kudos
3 Replies
Igor_Moskowitz
Employee
Employee

Hi vinceneil666,

you explained it very well 🙂 and this it how it works. The policy is run from top to bottom and the logic is first match. So the rule above will always be enforced You can also see it directly on the client. The rule name and version nr. to check it:

policy rules.png

Regards,
Igor

0 Kudos
vinceneil666
Advisor

Okay 🙂 , because I have tried this - and from my point of view it does not look like the functionality is getting removed at all. I will have to go back and double check this then.

 

0 Kudos
Igor_Moskowitz
Employee
Employee

If you want the security-blades to be removed as well, you need to configure it in the deployment-policy for this virtual-group.

So if you for example want to remove Anti-Malware-Blade completely you need to configure a proper deployment-policy.

It´s always:


1. Check Deployment Policy -> which Blades should be installed for this machine/group and install or uninstall Blades
2. Enforce the configured Policy for the installed Blades

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events