Policies

Add Policy

In the Policy Manager, you can manage the settings of multiple hosts collectively. You can:

• allow monitoring of Advanced Persistent Threats.

• enable the Enginsight Tray Icon.

• subject your hosts or all drives to extended software monitoring.

• restrict network traffic using Shield and block connections.

• define the execution of custom plugins.

• activate File Integrity Monitoring.

• manage AutoUpdates.

• activate SIEM functions for individual hosts.

The settings are immediately applied to all selected hosts.

Add Policy

To add a new policy, please follow these steps:

1. Click on Add Policy.

2. Enter a Name and a Description.

3. Set the Priority of your policy.

4. Under Assigned Hosts, specify the hosts to which the settings should be applied. You can either select the hosts directly or use Tags, which we recommend.

5. You will find grouped settings under Availlable Settings. Click on a field to reveal and manage the grouped settings yourself. The options include:

   1. Enginsight Shield: Enable Shield to restrict network traffic and block connections.

   2. Plugins: Allow the host to execute custom plugins.

   3. File Integrity Monitoring: Enable File Integrity Monitoring.

   4. Advanced Settings

      1. Recording of security relevant events.

      2. Extended software monitoring.

      3. Extended software monitoring on all disks.

      4. Customize API URL.

   5. Automatic OS Updates

      1. Enable automated system updates.

      2. Only Security relevant updates

      3. Restart the system after the update if necessary.

      4. OS update schedule

      5. OS update timezone

   6. Tray

      1. Enable Enginsight Tray Icon.

      2. Show notifications for logged-in users, including security status information.

   7. Advanced Persistent Threats: Enable the detection of Advanced Persistent Threats.

   8. SIEM: Enable log collection through SIEM.

6. Finally, click on Save Changes to add the policy.