Device Rules
In this section:
About Device Rules
Device rules allow security control rules to be matched with specific devices. Device rules can apply the rule settings either to the device hosting the (Undefined variable: Primary.SecondaryProduct) Agent and configuration, or to connecting devices.
For example, a configuration rule can allow certain applications to run on a server but prohibit others from running when launched from a device listed in the rule.
Device rules also provide the ability to perform per-device license management in a server-based computing environment.
- To add a device rule set, select Rule Sets > Device. Right-click and select Add Device Rule Set.
- To remove a device rule set, right-click a device rule set and select Remove Rule Set. A confirmation message displays, click Yes to confirm the removal.
Device Rule Validation
| Type | Rule |
|---|---|
| Host Name or IP Address | Use this device client rule to apply Allowed Items, Denied Items, Trusted Vendors, and Privilege Management rules to a third party device when a user attempts to access their endpoint from a specific Host Name or IP Address. If the Host Name or IP Address is matched to the third party device, (Undefined variable: Primary.SecondaryProduct) rules specific to the device are applied. |
| Computer Group Membership | Use this device client rule to apply Allowed, Denied, Trusted Vendors, and Privilege Management rules to a third party device that is a member of a specific security group. (Undefined variable: Primary.SecondaryProduct) checks to see if the computer is a member of the specified security group before applying the rules. If entering the Computer Group Membership details manually, you must use the fully qualified name. |
| OU Membership | Use this device client rule to apply Allowed, Denied, Trusted Vendors and Privilege Management rules to a third party device that is a member of a specified Organizational Unit (OU). |