Jump to content

Recommended Posts

Posted

Hi Forum,

i‘m trying to build a modular device control whitelist:

allow stick 123 for user abc

allow devices from vendor xyz in group hij

block all other

I was trying to append the „block all“ last rule by policy order, but its really hard to keep the rule last - when i add another rule in a child group this ist added later (of course).

is there any way to default-block (or default-warn) everything not explictily allowed? One idea would be, to throw all usb-rules in one policy, but that would get quite long.

Thanks in advance!

christian

  • Administrators
Posted

I think this is what you are after. It's a new feature of ERA v7 and Endpoint v7 which will be unveiled later this year:

image.png

Posted (edited)

Thanks Marcos, "prepend" will help!

for now i add all policy to one group to get the customer happy.

The actual problem they have is: we can't change policy order.
I mark a policy and klick "apply later" but after closing and reopening it is at the old position again.

From some testing i would say, the policies for a group are automatically ordered by date or id: Every new policy i add is always applied last and i cant' change that.
I don't see this behaviour at another era-server.

Is there a general setting for policy order i am missing?

Both Servers run as appliance, ERA-Server version 6.5.417

Thanks again!

Christian

Edited by Christian Stück
Posted

My problem is, changed policy order in one group is not saved. After Close and re-open policies are in old sort order again (sorted by creation time).

image.png.c5ed7c480f6e2c8a5d18fc3e392c4c63.png

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...