Managing policies - Legacy UI
SECURITY Permission to manage policies at account and/or site level
NAVIGATION Legacy UI > Account > Policies
NAVIGATION Legacy UI > Sites > select a site > Policies
NAVIGATION Legacy UI > Sites > select a site > Devices > select a device > Policies
Refer to Policies.
About
Policies can be created at the account and site level.
- Account policies are visible at both the account and site level, and can be enabled or disabled for a specific site.
- Policies created at the site level will only be visible on that site's Policies page. Site policies do not replace account polices but work in conjunction with them.
- At the device level, those account and site policies are displayed that target that specific device.
For an introduction to policies, refer to About policies.
How to...
-
At the account level, navigate to Account > Policies > New account policy.
At the site level, navigate to Sites > select a site > Policies > New site policy. - Specify the policy details that differ for each policy type. For more details, see Types of policies below.
Policy Type | Description |
---|---|
Agent | An Agent policy deploys settings to affect the operation and configuration of the Datto RMM Agent. Refer to Creating an Agent policy - Legacy UI. |
ESXi | An ESXi policy allows the user to monitor the performance, datastore, temperature and hardware of ESXi host devices and their guest machines. Refer to Create an ESXi policy - Legacy UI. |
Monitoring Maintenance Window | A Monitoring Maintenance Window policy allows you to suspend monitoring while doing scheduled maintenance work on your devices. Refer to Creating a Monitoring Maintenance Window policy - Legacy UI. |
(Deprecated) Mobile Device Management |
IMPORTANT The Mobile Device Management (MDM) feature is no longer available. For more information, refer to this Kaseya Community post. |
Monitoring | A Monitoring policy allows the user to configure monitors to run on the devices targeted with the policy. Refer to Create a Monitoring policy - Legacy UI. |
Patch Management | A Patch Management policy allows you to automate the deployment of software patches to the devices you manage. Refer to Create a Patch Management policy - Legacy UI. |
Power | A Power policy allows you to configure the Windows Control Panel > Power Options on the devices that are targeted with this policy. Refer to Create a Power policy - Legacy UI. |
Security Management | A Security Management policy allows you to deploy Webroot to your endpoints and raise alerts and tickets as per the criteria set in the monitor details. This type of policy is only available if the Webroot Endpoint Security Integration is enabled for the account. Refer to Create a Security Management policy - Legacy UI. |
Software Management | A Software Management policy allows you to configure third-party software application updates and define when those updates should be installed. Refer to Create a Software Management policy - Legacy UI. |
Windows Update | A Windows Update policy allows you to control the features of the automatic update settings of Windows Update. Refer to Create a Windows Update policy - Legacy UI. |
(Deprecated) iOS App Management |
IMPORTANT The Mobile Device Management (MDM) feature is no longer available. For more information, refer to this Kaseya Community post. |
Printer Policy | Refer to Printer Monitor. |
Policies are managed on the Account > Policies, Site > Policies, and Device > Policies tabs. At the site and device level, both account policies and site policies that target the selected site/device are displayed.
The following information is available:
Field | Description |
---|---|
Type of policy | At the account level, you will see only account policies. At the site and device level, both account and site policies are displayed and grouped separately. |
Override active icon | This icon only appears if the policy in question is an account-level patch management policy AND it is overridden at the site level. At the same time, an Edit Override button becomes available for the policy. Refer to Override account-level patch policy options at the site level. |
Name | The name of the policy. Click on the name to edit the policy. For field descriptions of the various policy types, refer to Create a policy. |
Targets | Each policy can have one or many targets, which in turn can consist of one or many device filters, Device Groups, and Site Groups. NOTE Multiple targets are connected by an OR operator. For example, if one target is "Site Group A" and another target is "All Laptops", then all devices in Site Group A and all laptops of the account will be included (not just the laptops belonging to Site Group A). |
Type | Indicates the type of policy. Refer to Types of policies. |
Override / Edit Override | The Override button only appears if the policy in question is an account-level patch management policy that is not overridden at the site level. The Edit Override button only appears if the policy in question is an account-level patch management policy that is overridden at the site level. At the same time, an Override active icon will be visible in front of the policy. Refer to Override account-level patch policy options at the site level. |
Push changes... | Click Push changes... to immediately push any policy changes to all devices targeted by the policy. The target icon changes color when changes are being pushed. NOTE If you click Save Only (legacy UI) or Save and Deploy Later (New UI) instead of Save and Push Changes (legacy UI) or Save and Deploy Now (New UI) when creating or updating a policy, the changes will still be deployed at midnight in your time zone because policies are automatically deployed every 24 hours. |
Target icon | Clicking on this icon will open a pop-up window to show included and excluded sites and/or devices targeted by the policy. In the case of patch management policies, the Override active icon will be displayed in front of sites that override the account-level policy options. In the case of account-level policies, you can filter by Site Exclusions and Site Manually Enabled (for patch management policies these options change to All Sites, Included Sites, and Excluded Sites), and you can also filter by All Devices, Included Devices, and Excluded Devices in the case of both account-level and site-level policies. You can turn the policy on or off for your sites and devices by toggling the Enabled button to ON or OFF, and you can push the changes by clicking on the Push changes... button. The target icon changes color when changes are being pushed. |
Enabled / Enabled for this site / Enabled for this device | A toggle to turn the policy ON or OFF at the account, site, or device level. |
Only displayed at the device level when the device has been excluded from the policy in question at the site level. | |
Remove Policy | Only available at the account and site level. Hover over a row and click this icon to delete the policy. |
New account policy... / New site policy... | Click to create a new policy at the account or site level. Refer to Create a policy. |
Import Policy | Refer to Import a Monitoring policy. |
Clear All Alerts / Clear All Site Alerts / Clear All Device Alerts | Click to resolve all alerts at the account, site, or device level. This will not send an email or update tickets. If you require email notifications or tickets to be updated, you should resolve the alerts individually. Devices with monitors in alert status will re-trigger within 24 hours. Refer to Manage alerts - Legacy UI. |
To learn how policy memberships get recalculated, refer to Policy membership recalculation.