What are policies
The administrator can push specific configurations to ESET products running on client computers using policies from the ESET PROTECT On-Prem Web Console. A policy can be applied directly to individual computers and to groups of computers. You can also assign multiple policies to a computer or a group.
A user must have the following permissions to create a new policy: Read permission to read the list of policies, Use permission to assign policies to target computers and Write permission to create, modify or edit policies.
Policies are applied in the order of Static Groups. For Dynamic Groups, policies are applied to child Dynamic Groups first. This enables you to apply policies with higher impact to the top of the Group tree, and more specific policies to subgroups. Using flags, an ESET Endpoint Antivirus user with access to groups located higher in the tree can override the policies of lower groups. The algorithm is explained in ESET PROTECT On-Prem Online user guide.
We recommend to assign more generic policies (for example, the update server policy) to higher groups within the group tree. More specific policies (for example, device control settings) should be assigned deeper in the group tree. The lower policy usually overrides the settings of the upper policies when merged (unless defined otherwise using policy flags). |