Understanding Security Policy Scenario

Print Friendly, PDF & Email

The following example illustrates how different security policies can be created within an organization for different departments. Two departments namely Marketing and Accounts have been taken as an example.

Client Settings Policy Features Marketing Dept. Accounts Dept.
Scan Settings Scan mode Automatic Advanced
Virus Protection Setting Enabled Enabled
Block suspicious packed files Enabled Enabled
Automatic Rogueware scan Enabled Enabled
Disconnect Infected Endpoints from the network Not Enabled Enabled
Email Settings Email Protection Enabled Enabled
Trusted Email Clients Protection Enabled Enabled
Spam Protection Level Soft Strict
External Drives Settings Scan External Drives Enabled Enabled
Autorun Protection Enabled Enabled
Mobile Scan Not Enabled Enabled
IDS/IPS IDS/IPS Enabled Enabled
Disconnect system from the network (only in case of DDOS and Port Scanning attack) Not Enabled Enabled
Firewall Firewall Enabled Enabled
Level Low High
Web Security Browsing Protection Enabled Enabled
Phishing Protection Enabled Enabled
Web Categories Business Allowed Denied
Social Networking Denied Denied
Application Control CD/DVD Applications Authorized Unauthorized
Games Unauthorized Unauthorized
Advanced Device Control Enable Advanced Device Control Enabled Enabled
Device Types No devices enabled Devices selected and enabled
Exceptions Not enabled Enabled and appropriately added
Data Loss Prevention Enable Data Loss Prevention Enabled Enabled
Select Data Transfer Channels Monitor Network Share, Monitor Clipboard, Disable Print screen Monitor Transfer through Application, Monitor Removable devices
Select Data to be monitored File Types, Confidential Data, User Defined Dictionaries File Types, Confidential Data
Actions Block and Report Report only
File Activity Monitor Enable File Activity Monitor Enabled Enabled
Removable Drives Enabled Enabled
Network Drives Enabled Enabled
Local Drives Not Enabled Enabled
Update Setting Automatic update Enabled Enabled
Download from Internet Enabled Not Enabled
Download from Endpoint Security Server Not Enabled Enabled
Internet Settings Proxy Settings Enabled Not Enabled
Patch Management Scan and Install missing patches Enabled Enabled
General Settings Authorize access to the client settings Enabled Enabled
Was this page helpful?

Leave a Comment