Skip to main content


Security management

Once installed, the Bitdefender protection can be configured and managed from Control Center using security policies. A policy specifies the security settings to be applied on target network inventory objects (computers, virtual machines or mobile devices).

Immediately after installation, network inventory objects are assigned with the default policy, which is preconfigured with the recommended protection settings. Provided the NSX integration is enabled, another three default security policies for NSX are available, one for each security level: permissive, normal and aggressive. These policies are preconfigured with the recommended protection settings. You cannot modify or delete the default policies.

You can create as many policies as you need based on security requirements, for each type of managed network object.

This is what you need to know about policies:

  • Policies are created in the Policies page and assigned to network objects from the Network page.

  • Policies can inherit several modules settings from other policies.

  • You can configure policy assignment to endpoints so that a policy can apply only in certain conditions, based on location or logged-in user. Therefore, an endpoint can have more policies assigned.

  • Endpoints can have one active policy at a time.

  • Policies are pushed to target network objects immediately after creating or modifying them. Settings should be applied to network objects in less than a minute (provided they are online). If a network object is not online, settings will be applied as soon as it gets back online.

  • The policy applies only to the installed protection modules.

  • The Policies page displays only the following types of policies:

    • Policies created by you.

    • Other policies (such as default policy or templates created by other users) which are assigned to endpoints under your account.

  • You cannot edit policies created by other users (unless the policy owners allow it from the policy settings), but you can override them by assigning the target objects a different policy.


Only the supported policy modules will apply to target endpoints.