Create a Security Management policy - Legacy UI
BEFORE YOU BEGIN Before you can create a Security Management policy, you need to configure the Webroot Endpoint Security Integration. Refer to Webroot Endpoint Security Integration - Legacy UI.
SECURITY Permission to manage Policies at account and/or site level
NAVIGATION Legacy UI > Account > Policies
NAVIGATION Legacy UI > Sites > select a site > Policies
What is a Security Management policy?
This type of policy is used with the Webroot Endpoint Security Integration. Once you have set up the integration for your Datto RMM account, you can create a Security Management policy that will allow you to deploy Webroot to your endpoints and raise alerts and tickets as per the criteria set in the monitor details. You can create the policy at account or site level.
How to...
- Navigate to Account > Policies or Sites > click on a site name > Policies.
- Click New account policy... or New site policy....
- Enter a policy Name.
- Under Type, select Security Management.
- You will now be able to select Webroot from the Security Product drop-down menu.
NOTE You will only see Webroot in the drop-down menu if you have configured the integration. Refer to Webroot Endpoint Security Integration - Legacy UI.
-
To copy an already existing policy to use it as a template, choose it from the Based on drop-down list. To create a new policy, select New Policy.
- Click Next and you will be presented with the policy details.
To target your devices with the policy:
- Click on Add a target.
- Select the required Target type. For information about target types, refer to Filters - Legacy UI and Groups - Legacy UI.
- Choose the required filter(s) or group(s).
NOTE Device filters contain all Default Device Filters and Custom Device Filters.
NOTE Devices of Unknown device type will not be targeted by the policy.
- Click Add.
- If you want to add more than one target type, repeat steps 1-4.
NOTE Multiple targets will apply the "OR" logic, that is, the policy will be run on a device if it is included in any of the targets.
Configure the following options:
Field | Description |
---|---|
Webroot Console Group | Allows you to enter a group name or group ID from the Webroot Console so that specific settings can be applied. This will only work correctly on fresh Webroot installations, that is, on devices that have never been seen by the Console before. If Webroot was already installed on a device for a specific group, you will be able to change it to another group in the Webroot Console. Ensure that the group you enter in the Datto RMM policy already exists in the Webroot Console. Spaces or localized characters are not supported in the group name, however, the following characters are supported: - _ @ |
Language | By default, the language is set to English. Select any of the following languages from the drop-down list: • English • Japanese • Spanish • French • German • Italian • Dutch • Korean • Simplified Chinese • Brazilian Portuguese • Russian • Turkish • Traditional Chinese |
Proxy Settings | Select any of these settings: • No Proxy (selected by default) • Auto Proxy • Manual Settings If you select Manual Settings, you will be required to fill in the following fields: |
Uninstall Webroot | If this option is selected, Webroot will be removed from the devices if the Webroot policy is removed or the device is removed from the list of targeted devices. |
NOTE If you already have Webroot installed in your environment, the policy will not attempt to install the agent again. It will simply monitor that agent according to the policy you set up.
You can apply one or more monitors to your Webroot Security Management policy, and edit or delete them as required. For more information, refer to Create a monitor.
Click Save and Push Changes.
If you click Save Only, you'll be directed to your list of policies where you can click Push changes... next to the policy in question.
The targeted devices will now be notified that a new policy has been applied and you will start to see alerts (as well as receive them via email if you configured that option) for any device that meets the criteria set in the policy.
NOTE The changes will be pushed instantly if the Agent is online or as soon as it checks in to the platform. The security product will be installed first (if required). The policy will be pushed out after the install.
NOTE If you click Save Only (legacy UI) or Save and Deploy Later (New UI) instead of Save and Push Changes (legacy UI) or Save and Deploy Now (New UI) when creating or updating a policy, the changes will still be deployed at midnight in your time zone because policies are automatically deployed every 24 hours.
NOTE To learn how to view an alert, refer to Manage alerts - Legacy UI in the legacy UI and Single Alert View in the New UI.
- Locate your policy on the account or site policy list and click on its name.
- Edit the policy details.
-
Click Save and Push Changes.
If you click Save Only, you'll be directed to your list of policies where you can click Push changes... next to the policy in question.
NOTE The changes will be pushed instantly if the Agent is online or as soon as it checks in to the platform.
NOTE If you click Save Only (legacy UI) or Save and Deploy Later (New UI) instead of Save and Push Changes (legacy UI) or Save and Deploy Now (New UI) when creating or updating a policy, the changes will still be deployed at midnight in your time zone because policies are automatically deployed every 24 hours.