How to use Cloud Security for Endpoints security policies

Cloud Security for Endpoints by Bitdefender protects systems using security technology that has been rated number one time and time again. It does not require on-site server hardware and maintenance as it is managed by Cloud Security Console, a powerful and intuitive interface to a solution that can scale to defend any number of systems, no matter where they are located.
This article explains what security policies are and how you can use them to apply security settings to endpoints.

Overview
In Cloud Security for Endpoints, endpoint security settings are managed from the Cloud Security Console, as a batch, via security policies. A security policy is a configuration which includes a specific set of values for:

  • Endpoint interface settings such as: visibility, status alerts and technical support information
  • General settings such as: logging, reporting, password protection and updates
  • Security settings, namely: antimalware, firewall, privacy control and user control modules

By enforcing the use of security policies, security settings are always applied as predefined all-inclusive profiles, adjusted to match the target computers’ function. Applying individual security settings to a computer or group of computers outside a security policy is not supported.

Immediately after installation, computers are assigned the default policy, which is preconfigured with the recommended protection settings. You can change protection settings as needed, and also configure additional protection features.

If you manage a larger number of computers (tens or more), you may want to create several policies to apply different settings based on security requirements. For example, you can configure different policies for office workstations, laptops and servers.

This is what you need to know about policies:

  • There is a single default policy template, which allows configuring all protection settings. When you create a new policy, you must choose the policy template you want to use. You can choose either the default policy template or an existing policy.
  • Policies are pushed to target computers immediately after creating or modifying them. Settings should be applied on computers in less than a minute (provided they are online). If a computer is not online, settings will be applied as soon as it gets back online.
  • Although a security policy defines settings for all the security modules, on the endpoint, these settings will be applied only to the installed protection modules. Please note that only antimalware protection is available for server operating systems.
  • Policies can be assigned either to individual computers or to groups of computers. The policy target cannot be a mix of computers and groups.
  • Several policies can be assigned at a given time to a computer or group. However, there will always be only one active policy: the one that was last created or modified.

Managing Policies
To view and manage security settings and policies, go to the Policies > View Policies page. Existing policies are displayed in the table. For each policy, you can see:

  • Policy name
  • Policy target (computers or groups the policy applies to)
  • How many of the target computers comply with the policy
  • User who created the policy
  • Time when the policy was last modified

Creating New Policies
To create a new policy:

1.    Go to the Policies > New Policy page.
2.    Enter a suggestive name for the policy. When choosing a name, consider the purpose and target of the policy.
3.    Choose a policy template from the menu. The new policy will be initialized with the settings of the template policy. You can choose either the default policy template or an existing policy.
4.    Configure the policy target (computers to which the policy will apply). You can choose one of the following options:

  • Groups - Select this option to apply the policy to groups of managed computers. Click the corresponding link and choose the desired computer groups.

Note
The policy will apply automatically to any computer that is later added to a selected group.

  • Computers - Select this option to apply the policy to individual computers. Click the corresponding link and choose the desired computers.

5.    Click Submit to create the policy and to go to the policy page.
6.    Next, configure the policy settings. Settings are organized around the protection modules into the following categories:

  • Summary
  • General
  • Antimalware
  • Firewall
  • Privacy Control
  • User Control

You can select the settings category using the menu on the left-side of the page.

7.    Click Save to save changes and apply protection settings to the target computers. The new policy will be displayed on the View Policies page.

Configuring Policy Settings
Policy settings can be initially configured when creating the policy. Later on, you can change them as needed anytime you want.
To change the settings of a policy:

1.    Go to the Policies > View Policies page.
2.    Click the policy name. This will open the policy page.
3.    Configure the policy settings as needed. Settings are organized around the protection modules into the following categories:

  • Summary
  • General
  • Antimalware
  • Firewall
  • Privacy Control
  • User Control

You can select the settings category using the menu on the left-side of the page.

4.    Click Save to save changes and apply them to the target computers. To leave the policy page without saving changes, click Cancel.

 


Rate this article:

Submit