Skip to main content

Deploying PHASR

PHASR works as an extension of the Risk Management feature, which requires a BEST agent installed on your managed endpoints with the EDR module enabled, and a policy applied to them that has the Risk Management feature enabled along with the PHASR feature.

Policies are used to enable and configure features on endpoints. Apply the following changes to the policy of your choice:

  1. Log in to GravityZone Control Center.

  2. Go to the Policies page from the left side menu.

  3. You can either:

    • Create a new policy.

    • Edit one of your existing policies.

  4. If this is a new policy, under Risk Management, enable and configure the feature.

  5. While on the same page, make sure the PHASR toggle is enabled, and enable each activity type you would like to monitor.

    There are 3 available settings for each activity type:

    • Off - PHASR will not gather any related data, and the associated widget will not display any data in the PHASR Dashboard.

    • Autopilot - PHASR will gather the data of the selected type, based on which recommendations will be created and automatically applied.

      Note

      When Autopilot is selected, all PHASR recommendations are applied automatically by the Bitdefender Autopilot technology that is integrated with BEST. You can review the restrictions applied to behavioral profiles by Autopilot, by opening the Restricted Behavioral Profiles panel from the PHASR monitored rules.

    • Direct control - PHASR will gather the data of the selected type, based on which recommendations will be created and presented in the console. The actions recommended will only be taken if manually approved.

    Switching from one setting to another, not including Off, will reset previously applied restrictions for the selected data type.

    Changing the setting for a specific data type to Off will disable restrictions, but will not remove them. They will still be available when the setting is changed again.

  6. Save your policy.

  7. If you created a new policy, apply it on the endpoints where the feature is deployed:

    1. Go to the Network page from the left side menu.

    2. Select the endpoints you want to apply the policy to.

    3. Click the policy.png Assign Policy button at the upper side of the table.

    4. Select the policy you want to apply.

    5. Click Finish.

      Note

      For more information, refer to this kb article.

  8. If you have edited an existing policy, make sure it is applied to all endpoints where the feature is deployed.

This will ensure that the feature is enabled and configured to best suit your company's needs.

Important

If the target company uses Policy Assignment Rules, make sure you enable PHASR in the policy that is directly applied to endpoints and not in the policy that is applied through assignment rules.

In this section: