You can add a new policy or modify an existing policy to protect your endpoint groups in Nebula. The policy's configuration determines how Nebula interacts with your endpoints. This article provides information about policies and shows you how to add, delete, or clone a policy in your Nebula console.
Notes
- A group contains one policy.
- Policies can be assigned to multiple groups.
- Endpoints receive the policy assigned to their group.
- Policy changes are automatically pushed to endpoints if they are online.
- Endpoints silently load or unload additional components based on the configured policy.
Policies overview
Policies show as line items with different columns highlighting specific information. These columns are:
- Name: The name given to the policy. Click the column header to sort policies by alphabetical or reverse alphabetical order.
- Protection layers: The protection level used per OS is displayed in this column. Hover over the protection level to view the enabled or disabled protection layers at a glance.
- Additional Protection: Displays paid modules enabled within the policy.
- Last updated: Shows the date of the last time a Nebula user made edits to this policy. Click the column header to sort policies based on the last time they were updated.
- Updated by: Displays who last modified the policy.
- Endpoint count: Displays the number of endpoints in a group with the policy assigned.
Add a policy
Creating a new policy automatically copies the settings from the current default policy.
- Go to Configure > Policies.
- In the upper-right part of the page, click New policy.
- Enter a Policy name.
- Configure settings for your endpoints.
- Scroll up the page and click Save.
Once you've clicked Save, your new policy appears in the policies list.
To nominate a policy to the Default Policy, check the box next to a policy and click Actions > Set as default.
Delete a policy
- Go to Configure > Policies.
- Check the box of the policy you want to delete.
- Click Actions > Delete. Any exclusions associated with this policy will be deleted. Exclusions associated with multiple policies will remain unchanged.
- In the confirmation pop-up window, click Delete. If you try to delete a policy with an assigned group attached to it, the system informs you This policy has groups assigned to it and cannot be deleted.
A green confirmation pop-up appears in the top-right corner of the Policies section to confirm you have deleted the policy.
Clone a policy
To make a copy of an existing policy:
- Go to Configure > Policies.
- Check the box next to the policy you want to clone.
- You cannot clone your Default policy. When you add a new policy, the new policy already has the settings and configuration of the Default policy.
- Click Actions > Clone.
- In the Clone Policy pop-up window, confirm the following:
- Clone name: Type in a name for the cloned policy.
- Do you want to associate exclusions?: The switch defaults to YES. If you don't want to associate exclusions, toggle the switch to NO.
- Uninstall Protection: If enabled in the host policy, the cloned policy will clone the same password.
- Click Save.