policy

[Aim2018 0]

Hi,
Let us say I have few  policies applied  on a dynamic windows desktop group . 
for example : a firewall policy denying all ICMP traffic 

Now  I have  a static group  called test , there is a policy for icmp allow  from a specific remote address  

In this case , what will be the winning policy  

Thanks 

[tmuster2k 22]

You can use your policy for your windows desktops as your Global Policy and in your static group test this will be your child policy. 

As long as your global policy ICMP rule is not set to "force" or "apply" then on your child policy you can "force" or "apply" and this will override global for this ICMP setting. 

hxxp://help.eset.com/era_admin/65/en-US/admin_pol_how_policies_are_applied.htm

[Marcos 5,070]

It depends on how you set particular policy settings to be handled in case the same setting (in this case fw rules) is also set by another policy or client.

[Nightowl 202]

1 hour ago, tmuster2k said:

You can use your policy for your windows desktops as your Global Policy and in your static group test this will be your child policy. 

As long as your global policy ICMP rule is not set to "force" or "apply" then on your child policy you can "force" or "apply" and this will override global for this ICMP setting. 

hxxp://help.eset.com/era_admin/65/en-US/admin_pol_how_policies_are_applied.htm

Link is not found , 404

[Marcos 5,070]

5 minutes ago, Rami said:

Link is not found , 404

Fixed. Should work now.

[Aim2018 0]

2 hours ago, Marcos said:

It depends on how you set particular policy settings to be handled in case the same setting (in this case fw rules) is also set by another policy or client.

 

What does it mean Append at left side  and Replace  at right side 

Thanks

 

[MichalJ 434]

That defines relationship with such list set from another policy and defined locally. 

You can for example replace a list defined in a master policy by a list from a specific policy, and then define that local-define entries will be prepended (will be added to the top of the list, as the firewall rules are evaluated top-down in the order). 

[Aim2018 0]

Hi,

Thanks for the reply . Can you brief  about " local-define entries" 

Thanks 

[MichalJ 434]

Local defined entries means, entries set within the local UI of the application on each of the computers. That means you access advanced settings of ESET Endpoint Security (press F5) and define local rules there. 

[Aim2018 0]

Hi,

As long as we are not defining any local policies , does it matter  if we set the right side "append ","replace" ,"prepend"  ?

Correct me If i am wrong 

Thanks 

 

Edited October 15, 2018 by Aim2018
edit

[Aim2018 0]

Hi,

Lets say we have  firewall policy already applied like below 

And  a second firewall  policy   like below 

 

At the  end   what will be the effect of the policy ?

 

Thanks 

[MichalJ 434]

The second policy will overwrite all of the settings of the first one.  But what also matters is to what object is the policy assigned to (static group in hierarchy, dynamic group or individual computers).

[Aim2018 0]

Hi,

In the first policy  there is no rule for icmp  

In  second policy  there is only icmp policy 

"The second policy will overwrite all of the settings of the first one. " 

So  all the  policy like deny "cscript " in the first policy will be replaced  ? 

"Replace" means does it remove  even if there is no relation between the rules ? 

for example  , deny cscript  and allow icmp are totally different rules 

 

Thanks 

 

 

[Marcos 5,070]

Yes, "Replace" will replace / overwrite the rules completely. If you want to merge fw rules from both policies and want the "Policy 1" fw rules to take precedence over the "Policy 2" rules, use "Append" instead of "Replace" for the fw rules in "Policy 2".

[Aim2018 0]

Hi,

Could you explain the below . Here I don't have an option of  prepend  ?

Thanks