Policies

Add Policy

In the Policy Manager, you can manage the settings of multiple hosts collectively. You can:

allow monitoring of Advanced Persistent Threats.
enable the Enginsight Tray Icon.
subject your hosts or all drives to extended software monitoring.
restrict network traffic using Shield and block connections.
define the execution of custom plugins.
activate File Integrity Monitoring.
manage AutoUpdates.
activate SIEM functions for individual hosts.

The settings are immediately applied to all selected hosts.

Add Policy

To add a new policy, please follow these steps:

Click on Add Policy.
Enter a Name and a Description.
Set the Priority of your policy.
Under Assigned Hosts, specify the hosts to which the settings should be applied. You can either select the hosts directly or use Tags, which we recommend.
You will find grouped settings under Availlable Settings. Click on a field to reveal and manage the grouped settings yourself. The options include:
1. Enginsight Shield: Enable Shield to restrict network traffic and block connections.
2. Plugins: Allow the host to execute custom plugins.
3. File Integrity Monitoring: Enable File Integrity Monitoring.
4. Advanced Settings
  1. Recording of security relevant events.
  2. Extended software monitoring.
  3. Extended software monitoring on all disks.
  4. Customize API URL.
5. Automatic OS Updates
  1. Enable automated system updates.
  2. Only Security relevant updates
  3. Restart the system after the update if necessary.
  4. OS update schedule
  5. OS update timezone
6. Tray
  1. Enable Enginsight Tray Icon.
  2. Show notifications for logged-in users, including security status information.
7. Advanced Persistent Threats: Enable the detection of Advanced Persistent Threats.
8. SIEM: Enable log collection through SIEM.
Finally, click on Save Changes to add the policy.

If you create a policy, the settings of the assigned hosts are overwritten. If you delete a policy, the settings are therefore initially retained in the settings of the individual host.

If you want to undo a setting that you have made via a policy, you must therefore also either delete the policy or adjust the settings of the individual host:

Adjust the settings of the individual host.
Create a new policy that adopts the changed settings for the hosts.

If several policies exist that are assigned to the same host and where the same settings are managed via the policy, Enginsight selects the settings of the last policy created.

PreviousPlugins NextGlobale Tags

Last updated 1 month ago

Was this helpful?

Add Policy

In the Policy Manager, you can manage the settings of multiple hosts collectively. You can:

allow monitoring of Advanced Persistent Threats.

enable the Enginsight Tray Icon.

subject your hosts or all drives to extended software monitoring.

restrict network traffic using Shield and block connections.

define the execution of custom plugins.

activate File Integrity Monitoring.

manage AutoUpdates.

activate SIEM functions for individual hosts.

The settings are immediately applied to all selected hosts.

Add Policy

To add a new policy, please follow these steps:

Click on Add Policy.

Enter a Name and a Description.

Set the Priority of your policy.

Under Assigned Hosts, specify the hosts to which the settings should be applied. You can either select the hosts directly or use Tags, which we recommend.

You will find grouped settings under Availlable Settings. Click on a field to reveal and manage the grouped settings yourself. The options include:

Enginsight Shield: Enable Shield to restrict network traffic and block connections.
Plugins: Allow the host to execute custom plugins.
File Integrity Monitoring: Enable File Integrity Monitoring.
Advanced Settings
1. Recording of security relevant events.
2. Extended software monitoring.
3. Extended software monitoring on all disks.
4. Customize API URL.
Automatic OS Updates
1. Enable automated system updates.
2. Only Security relevant updates
3. Restart the system after the update if necessary.
4. OS update schedule
5. OS update timezone
Tray
1. Enable Enginsight Tray Icon.
2. Show notifications for logged-in users, including security status information.
Advanced Persistent Threats: Enable the detection of Advanced Persistent Threats.
SIEM: Enable log collection through SIEM.

Finally, click on Save Changes to add the policy.

If you create a policy, the settings of the assigned hosts are overwritten. If you delete a policy, the settings are therefore initially retained in the settings of the individual host.

If you want to undo a setting that you have made via a policy, you must therefore also either delete the policy or adjust the settings of the individual host:

Adjust the settings of the individual host.
Create a new policy that adopts the changed settings for the hosts.

If several policies exist that are assigned to the same host and where the same settings are managed via the policy, Enginsight selects the settings of the last policy created.