Defining your own policies
For details of policy objects you can use to create your own policies, refer to:
Defining a policy
-
You define a policy from Endpoint Automation > Administration > Policies.
-
Click New Policy, enter a name and description for the policy.
Defining a rule
Policies need rules in order to be of any use. The following sections show how to define rules, caveats for editing rules and how to associate rules with policies.
You define a rule from Endpoint Automation > Administration > Rules.
-
Click New Rule then enter a name and description.
-
In the Triggers section we're going to define that the rule should be evaluated periodically, every 30 seconds. In the search window we choose Periodic (seconds) and set the number of Seconds to 30.
You can add multiple Triggers using the add triggers plus sign, in this example we'll just use one.
Do not specify a period less than 30 seconds. The rule may be accepted by the management interface but the 1E Client will not apply it.
-
In the Precondition section, we will not define a precondition rule, but you can review the available choices, if you do want to set one.
-
In the Check section, we'll define a check rule that requires that there is a value MyValue in the registry hive HKLM and subkey SOFTWARE\MyApp. Its value should be of type REG_DWORD and it should be 0.
If any part of the Subkey is missing, or the Name or Value fail to match this check rule, then the fix rule will be applied.
-
In the Fix section, the fix rule will be identical to the check rule. This means that if the registry is not consistent with the check rule, it will be made consistent.
If any part of the Subkey does not exist, or the Value or Name is missing or has a different value or type, then all of these discrepancies will automatically be corrected and the registry value made to be consistent with the check rule. Then click Save.
Associating rules with a policy
You associate a rule with a policy from Administration > Policies.
-
Select the policy using with the checkbox on the left, then selecting Edit Policy. The available rules are on the left of the page.
-
You select the rule(s) you want to associate with the policy using the checkboxes, then click Save.
Editing existing rules
-
In Administration > Rules, select the rule using the checkbox on the left, then select Edit Rule.
-
Make your changes, and then click Save.
Revised policies will need to be approved and redeployed for the change to become effective on any devices targeted by the policy. Refer to Rule Approval.
Cloning a rule
You can clone (copy) a rule by selecting it with the checkbox on the left and then selecting Clone Rule. When you do this, a copy of the rule is made. You will be prompted to enter a new name for the cloned rule. After this you can modify any property of the cloned rule and save it.
Enabling and disabling rules
You can enable and disable rules by selecting the rule with the checkbox on the left and then selecting Disable Selection, if the rule is enabled, or Enable Selection, if the rule is disabled.
-
Disabled rules are shown with a red disabled icon against them.
-
A disabled rule ceases to have effect within any policy that refers to that rule, when that policy is redeployed. In effect, a disabled rule acts as if the rule is not part of the policy.
-
You must redeploy any policies which contain a disabled rule for the change to become effective on any devices targeted by the policies.
-
If you enable a previously disabled rule then the rule becomes active again. You must redeploy any policies containing the rule for the change to become effective on any devices targeted by the policies.
-
If you enable a previously disabled rule or disable an enabled rule, you must provide a reason for the changes to the rule. This would help the approver to understand the rationale behind the modification.