Skip to main content
Matrix42 Self-Service Help Center

Configure default policies

  1. Last updated
  2. Save as PDF

Configuring default policies

In Default policies, define default rights and default settings for the known and unknown users of the directory service, as well as for computers. When a user or a computer is added to the directory service tree of the Console, it automatically inherits default rights and settings. If a user is in the directory service tree and products are enabled for the user, he is considered a known user. If a user is not in the directory service tree, or if no products are enabled for the user, he is considered an unknown user. For each of the three default profiles, a distinction is also made between online and offline profiles for the Access Control product. Offline profile means that the client on which EgoSecure Agent was started has no connection to the EgoSecure Server.

Activating Secure Audit and Encryption. To activate Secure Audit for users, computers or groups, enable the secure audit functionality first under Product settings | Audit | Secure Audit. To activate encryption products for users, computers or groups, enable encryption under Product settings | Encryption | Encryption options.

Default rights and settings for user (known/unknown)

Customizing default rights for known users

  • Go to User management | Directory service structure | Default policies.
  • In the User management work area, select Default rights (user).
  • Configure the rights of the default users for certain product areas. Depending on the available products, different tabs are available.

clipboard_eddc1f6abd3a6a35e4c62a7867811fc80.png

  • In the toolbar of the product area, click Save.
  • The settings are applied to default users in online mode.
  • When configuring Access Control:
    • a.    In the lower part of the work area, select Offline from the Profile drop-down.
    • b.    Define the settings for the offline profile of a default user.
    • If the settings for the offline profile of a default user are not defined, the inheritance of access rights occurs from the online profile of a default user.
  • Click Save in the toolbar.
  • The defined rights apply to default users and are automatically inherited by all known users.

Customizing default rights for unknown users

  • Go to User management | Directory service structure | Default policies | Unknown users.
  • In the lower part of the work area, configure the rights of unknown users for certain device classes in online mode.
  • To define the rights of unknown users when they are offline, in the lower part of the work area, select Offline from the Profile drop-down.
  • Click Save in the toolbar.
  • The defined default rights automatically apply to unknown users who login to the Server. Additionally, if global filters have been created under Product settings | Filters | File type filters, they are also applied to unknown users.

Customizing default settings for users

  • Go to User management | Default policies and select Default rights (user).
  • In the lower part of the work area, click the Settings tab.
  • To prohibit the downloading of files via the Internet Explorer, enable the check box in the Internet area.
  • To prohibit the usage of the clipboard, set the checkbox in the Clipboard area.
  • To scan the content of archives or MS Office for blocked file types, check the corresponding checkbox in the File type filter section. The checkboxes are only available if the options are enabled under Product Settings | Filters | Settings.
  • Click Save.

Default rights and settings for computer

Adjusting computer default rights

Rights priority for computer. If products are activated for both a user and a computer or only for a computer, the rights defined for computers always have priority. For details, see: Product activation

  • Navigate to Computer management | Directory service structure | Default policies.
  • Select Default rights (computer).
  • In the lower part of the work area, configure the rights of default computers for certain products:

clipboard_e4cb9e73afcf684b7ee95993d327b1840.png

  • When configuring Access Control:
    • In the lower part of the work area, select Offline from the Profile drop-down.
    • Define the settings for the offline profile of a default user.
    • If the settings for the offline profile of a default user are not defined, the inheritance of access rights occurs from the online profile of a default user.
  • Click Save in the toolbar.
  • The defined rights apply to default computers and are automatically inherited by all computers of the directory service structure.

Configuring default settings for computers

The default settings for computers are only displayed in the Settings tab of the Computer management menu. Define the settings in the Administration menu under Clients | Client settings. For details, see: Adjusting client settings These client settings are inherited by every computer and can be customized for individual computers. For details, see: Adjusting settings for computers

Adjusting settings for users

By default, users inherit the rights and settings of the default user. You can deactivate the inheritance and assign individual rights and settings. User rights only apply if the product is enabled for the user and not for the computer. For details, see: Activating products

Adjusting settings for users

  • Go to User management | Settings.
  • See whether for the settings for Internet, Clipboard and Communication the inheritance is enabled and from where the user inherits the settings.
  • The settings in the File type filter – embedded files area are available only when options under Product settings | Filters | Settings are enabled.
  • Enable the Activate individual settings check box to deactivate inheritance and change the settings.

clipboard_e133a51273955dc57a68882fa49f1f135.png

  • Edit the settings and click Save.
  • The selected user now receives the permissions that differ from the default user.

Customizing user rights for Secure Audit, Filters, Encryption and Application Control products

  • Select a user in User management.
  • In the navigation area, click the tab where you want to make changes.
  • Enable the Activate individual settings option.
  • Edit the settings and click Save.

Adjusting settings for computers

The settings defined for a computer in the Settings tab of the Computer management menu correspond to the client settings in the Administration menu. For details, see: Client settings

Adjusting settings for computers

  • Go to Computer management | Settings.
  • Select a computer in the Computer management area.
  • Enable the Activate individual settings check box to cancel the inheritance and to change the settings.
  • Disable the settings and click Save.

Customizing computer rights for Secure Audit, Filters, Encryption and Application Control products

  • Go to Computer management | Settings.
  • Select a computer in the Computer management area.
  • Enable the Activate individual settings option.
  • Edit the settings and click Save.
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.