Christian Stück 5 Posted April 17, 2018 Posted April 17, 2018 Hi Forum, i‘m trying to build a modular device control whitelist: allow stick 123 for user abc allow devices from vendor xyz in group hij block all other I was trying to append the „block all“ last rule by policy order, but its really hard to keep the rule last - when i add another rule in a child group this ist added later (of course). is there any way to default-block (or default-warn) everything not explictily allowed? One idea would be, to throw all usb-rules in one policy, but that would get quite long. Thanks in advance! christian
Administrators Marcos 5,727 Posted April 17, 2018 Administrators Posted April 17, 2018 I think this is what you are after. It's a new feature of ERA v7 and Endpoint v7 which will be unveiled later this year:
Christian Stück 5 Posted April 19, 2018 Author Posted April 19, 2018 (edited) Thanks Marcos, "prepend" will help! for now i add all policy to one group to get the customer happy. The actual problem they have is: we can't change policy order. I mark a policy and klick "apply later" but after closing and reopening it is at the old position again. From some testing i would say, the policies for a group are automatically ordered by date or id: Every new policy i add is always applied last and i cant' change that. I don't see this behaviour at another era-server. Is there a general setting for policy order i am missing? Both Servers run as appliance, ERA-Server version 6.5.417 Thanks again! Christian Edited April 19, 2018 by Christian Stück
Administrators Marcos 5,727 Posted April 19, 2018 Administrators Posted April 19, 2018 Does the page https://help.eset.com/era_admin/65/en-US/index.html?admin_pol_how_policies_are_applied.htm help understand how policies are applied?
Christian Stück 5 Posted April 19, 2018 Author Posted April 19, 2018 My problem is, changed policy order in one group is not saved. After Close and re-open policies are in old sort order again (sorted by creation time).
Recommended Posts