Show or Hide the Default Policy Rules
The Endpoint Security Manager security policy comes preconfigured with rules that protect against attacks that leverage common software vulnerabilities, exploits, and attack vectors.
When configuring new rules, you can inherit the behavior from the preceding rule in the rule hierarchy or you can override settings as needed to customize your organization’s security policy.
To reduce the number of rules you see in your security policy, the default rules are collapsed under a single default policy.
- Show Default RulesTo expand and view the default policy rules, select Show Default Rules from the action menu at the top of the page.
- Hide Default RulesTo collapse the list of rules, select Hide Default Rules from the action menu at the top of the page.
- Modify a Default RuleTo override a default rule, you can clone the rule and edit the settings. In the case of similar rules, the more recent rule takes precedence over the older rule.
- Select Show Default Rules from the action menu at the top of the page.
- Select the desired rule to view additional details.
- Clone the rule and edit the settings as desired.
- Save or Apply the rule when finished.
Manage Saved Rules
Manage Saved Rules After saving the rule, the name and description appear in the appropriate system logs and tables. Select the rule to view details ...
User-Defined Rules A user-defined rule is a rule that you—or additional administrators with access to the ESM Console—create to manage the Traps security policy and ...
Common Rule Components and Actions
Common Rule Components and Actions Each type of rule has a specific set of required and optional fields that you can customize to meet the ...
DLL File Protection
DLL File Protection Traps now extends its malware protection capabilities to block malicious DLL files on Windows endpoints. To provide a layered approach to DLL ...
Export and Import Policy Files
Export and Import Policy Files From each rule management page on the ESM Console, you can import and export rules. This enables you to: Back ...
Configure Child Process Protection
Configure Child Process Protection The Child Process Protection MPM supersedes the Child Processes restriction rule and whitelist available in Traps 3.4 and earlier releases. To ...
Disable or Enable All Protection Rules
Disable or Enable All Protection Rules If the endpoint protection security policy is causing issues for endpoints in your organization, you can quickly disable all ...
Configure the Gatekeeper Enhancement MPM
Configure the Gatekeeper Enhancement MPM The Gatekeeper Enhancement MPM is an enhancement of the macOS gatekeeper functionality which allows apps to run based on their ...
Administrative Privileges For each custom administrative role that you create, you can select the privileges and levels of access for each privilege. The levels of ...