ESET Online Help

Search English
Select the topic

Policies

Larger organizations usually have multiple departments and want to configure different protection settings for each organizational unit. ESET Cloud Office Security provides policy-based protection settings that you can customize and assign to selected Users and user Groups, Tenants, Team groups, or SharePoint sites.

To add filtering criteria, click Add filter, select the applicable item Name and type a valid policy name. The Policies tree shows Tenants and their user Groups, Team groups, or SharePoint sites, including a Not assigned group containing custom policies that are not assigned to a target.

You can add a new policy or modify an existing policy and its settings:

1.Click Policies > New policy.

2.Type a Name and Description for a new policy.

3.Select a target and configure a policy for:

Tenants—Gmail, Google Drive, Exchange Online, OneDrive, SharePoint sites, and Team groups protection and assign it to selected Tenants

Users—Gmail, Google Drive, Exchange Online and OneDrive protection, and assign it to selected users or a user Group(s)

Team groups—Team groups protection and assign it to selected Team groups

SharePoint sites—SharePoint sites protection and assign it to selected sites

4.Customize protection Settings for Exchange Online, Gmail, OneDrive, Google Drive, Team groups, SharePoint sites or ESET LiveGuard Advanced and click Next.

5.Click Assign and choose a target where the policy will be assigned.

6.Click Save changes to save the policy setting.

arrow_up_businessPolicy principles

Default policy:

Applies to all users (protected and unprotected)

Cannot be modified or deleted

A custom policy can be assigned to:

Users—applies to manually selected individual users

Groups—applies to all members of the user Group

Tenants—applies to all entities within the Tenant

Team groups—applies to a Team group

SharePoint sites—applies to a SharePoint site

A custom policy assigned to a Tenant or Group is merged with the default policy.

A custom Tenant policy, Group policy, Team groups policy, or SharePoint sites policy has priority over the default policy.

A custom policy assigned to a user is merged with the Tenant, Group, Team groups, SharePoint sites policy, and the default policy.

A custom User policy has priority over a Tenant or Group policy and a default policy. However, when a user uploads a file to the Team group or SharePoint site, policy for the Team group or SharePoint site is applied.

Users and Tenants can be assigned multiple custom policies, but the effective policy is calculated based on the priority (order).
arrow_up_businessSetting for Anti-Spam lists when merging policies

The merging option applies to Anti-Spam lists and Notify administrator settings (addresses for notification emails by antimalware and anti-phishing).

When you have multiple policies with Anti-Spam lists (Approved, Blocked, and Ignored lists of IP addresses, domains or email addresses) or antimalware and anti-phishing administrator addresses for notification emails, choose the merging strategy:

Replace—keep only the new list entries (default option). The new list entries of the current policy replace all lists from the previous policies.

Append—extend lists of the previous policies by appending new entries. Merge lists from the previous policies with new entries of the current policy. The new entries are placed at the end (bottom) of the existing lists of the previous policies.

merge_policy

note

Before the merging option became available, the default behavior was Replace. If you already use policies with specific Anti-Spam lists, you can keep the default Replace or change to Append if preferable.

example

Create a new policy with a defined Anti-Spam list, and select the merging option (assuming existing policies with Anti-Spam lists are in place).

1.Click Policies > New policy.

2.Type a Name and Description for the new policy, select Tenants as a target and click Next.

3.Expand Exchange Online Anti-Spam and click Edit next to the Blocked IP list.

4.Click Add, type the IP address, press the Enter key to complete the action (alternatively, import the list from a file) and click Save changes.

5.Choose Append as a merging option from the drop-down menu, and click Next.

6.Click Assign, choose Assign to tenants from the drop-down menu, select the check box next to the Tenant and click OK.

7.Click Save changes to finish the process.

note

To rearrange policy priority, click Change order. Select a policy or multiple policies, and click Apply sooner or Apply later to change their priority. Policies are applied globally (regardless of assignment–Tenant, Group, or User) in specified order from top to bottom. The default policy is always applied first.

To perform the following actions, select the policy and click the three dots icon icon_contextmenu_b_tiny:

Action

Usage

Show Details

Display detailed information about a created policy, settings, and to whom the policies are assigned.

Edit

Modify the configuration of an existing policy.

Assign

Select Users, Tenants, Team groups, or SharePoint sites to which the policy applies.

Duplicate

Create a new policy based on the selected template. A new name will be required for the duplicate policy.

Delete

Remove the selected policy completely.

example

Create a custom tenant policy to see all scan results (including clean) in Scan logs. The tenant policy applies to all users (protected and unprotected).

1.Click Policies > New policy.

2.Type a Name and Description for the new policy, select Tenants as a target and click Next.

3.Expand Exchange online general and click the toggle to enable Log all objects.

4.Expand OneDrive general and click the toggle to enable Log all objects.

5.Expand Team groups general and click the toggle to enable Log all objects.

6.Expand SharePoint sites general and click the toggle to enable Log all objects and click Next.

7.Click Assign, select the check box next to the Tenant and click OK.

8.Click Save changes to finish the process.

example

Create a custom policy for specific users with advanced settings that will affect how Malware, Spam, and Phishing are handled. With this policy in place, email attachments that contain malware will be deleted, spam messages will be moved to the user's junk folder, phishing emails will have their subjects tagged and put into quarantine and contents of malware files located on OneDrive will be replaced with plain text to prevent any harm.

1.Click Policies > New policy.

2.Type a Name and Description for the new policy, select Users as a target, and click Next.

3.Expand Exchange Online Anti-Malware and use the drop-down menu next to When items are reported to select Delete attachment.

4.Expand the Exchange Online Anti-Spam and use the drop-down menu next to When items are reported to select Move to Junk.

5.Expand the Exchange Online Anti-Phishing and click the toggle to enable the Tag subject. You can also change the Tag subject text to customize it.

6.Expand the OneDrive Online Anti-Malware, use the drop-down menu next to When items are reported to select Replace and click Next.

7.Click Assign, select check boxes next to the users you want to apply the policy to, and click OK. If a user has an existing custom policy applied, it will be overwritten with the new one.

8.Click Save changes to finish the process.