Jump to content

Recommended Posts

Hi Forum,

i‘m trying to build a modular device control whitelist:

allow stick 123 for user abc

allow devices from vendor xyz in group hij

block all other

I was trying to append the „block all“ last rule by policy order, but its really hard to keep the rule last - when i add another rule in a child group this ist added later (of course).

is there any way to default-block (or default-warn) everything not explictily allowed? One idea would be, to throw all usb-rules in one policy, but that would get quite long.

Thanks in advance!

christian

Link to comment
Share on other sites

  • Administrators

I think this is what you are after. It's a new feature of ERA v7 and Endpoint v7 which will be unveiled later this year:

image.png

Link to comment
Share on other sites

Thanks Marcos, "prepend" will help!

for now i add all policy to one group to get the customer happy.

The actual problem they have is: we can't change policy order.
I mark a policy and klick "apply later" but after closing and reopening it is at the old position again.

From some testing i would say, the policies for a group are automatically ordered by date or id: Every new policy i add is always applied last and i cant' change that.
I don't see this behaviour at another era-server.

Is there a general setting for policy order i am missing?

Both Servers run as appliance, ERA-Server version 6.5.417

Thanks again!

Christian

Edited by Christian Stück
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...