What are policies
The administrator can push specific configurations to ESET products running on client computers using policies from the ESET PROTECT Web Console or ESMC Web Console. A policy can be applied directly to individual computers as well as to groups of computers. You can also assign multiple policies to a computer or to a group.
A user must have the following permissions to create a new policy: Read permission to read the list of policies, Use permission to assign policies to target computers and Write permission to create, modify or edit policies.
Policies are applied in the order that Static Groups are arranged. This is not true for Dynamic Groups, where policies are applied to child Dynamic Groups first. This allows you to apply policies with greater impact to the top of the Group tree and apply more specific policies to subgroups. Using flags, an ESET Endpoint Security user with access to groups located higher in the tree can override the policies of lower groups. The algorithm is explained in ESET PROTECT Online user guide.
We recommend that you assign more generic policies (for example, the update server policy) to groups that are higher within the group tree. More specific policies (for example, device control settings) should be assigned deeper in the group tree. The lower policy usually overrides the settings of the upper policies when merged (unless defined otherwise using policy flags). |