Endpoint policies are used to control the settings and behavior of the Webroot Business Endpoint Protection agent. It is possible to set custom scan times, allow or prevent the GUI to be opened, allow or suppress the ability to open the agent locally and control many other behaviors of the agent.
Endpoint policies are managed using the Policies page in the Webroot Management console and assigned to devices using the Entities page. When a policy for a device is changed, the device will apply the new policy when it checks in.
There are
many endpoint policy settings available that can be configured to control how the agent operates.
The Webroot Management console comes pre-configured with a number of default (or system) policies. These can be used as they exist or copied and used as a starting point to create custom policies.
Default Endpoint Protection policies:
- Recommended Defaults - This policy is intended for desktops and laptops. User interface and PUAs (possibly unwanted applications) are disabled. The setting to install DNS Protection is disabled in this policy. The User Interface is suppressed and PUA detection is turned off.
- Recommended DNS Enabled - This policy is identical to Recommended Defaults, except the setting to install DNS Protection is enabled.
- Recommended Server Defaults - This policy is intended for server environments. It focuses on resource utilization and minimal impact on the server.
- Silent Audit - This policy is based on the Recommended Defaults policy, however, it has the remediation function disabled to minimize production impact. This means it will catch known threats, but not undetermined threats. Use the undetermined threats reports to help you identify items to add to your block and allow overrides. Generally, this policy should only be used for a short duration, for example during initial setup to identify potential production false positives.
- Unmanaged - This policy is intended for technical support, troubleshooting, and when no policy management is needed. This policy cannot be managed, but it turns the agent into a local, unmanaged application that can be controlled directly by the end-user. You should not use this policy in production.
Notes:
- Policy names must be unique and cannot be re-used, even if prior versions with that name have been deleted.
- It is not possible to modify the default policies, but they can be copied and used as the starting point for custom policies.
- You cannot make a copy of the Unmanaged Policy.
- Administrators need to have the account type Super Admin to be able to modify polices and assign them to devices.
For more information on endpoint policies, see: