Policy inheritance and assignment

The Policies tab enables you to lock or unlock policy inheritance, view and reset broken inheritance, and copy policy assignments from one node to another.

To lock the assignment of a custom policy:

  1. In the console tree, select a group or computer and click the Policies tab.
  2. Expand a Host Intrusion Prevention feature to display the policies assigned to the node.
  3. Click Edit for a custom policy.
  4. Select Lock, and then click Apply.

     

    Only administrators can lock a named policy.

To view and reset broken inheritance below a specific node:

  1. In the console tree, select a group or computer and click the Policies tab.
  2. Expand a Host Intrusion Prevention feature to display the policies assigned to the node.
  3. Under Inherited By is the number of nodes to which this policy’s inheritance is broken.

     

    This number is the number of nodes where the policy is broken, not the number of systems which do not inherit the policy. For example, if only one particular group node does not inherit the policy, this is represented by 1 doesn’t inherit, regardless of the number of systems within the group.

  4. Click the blue text indicating the number of child nodes that do not inherit.
  5. The View broken inheritance page appears and list node names.

  6. To reset the inheritance of any of these nodes, select the checkbox next to the node name, and then click Reset Inheritance.

To copy and paste policy assignments of a node:

  1. In the console tree, select a group or computer from which you want to copy policy assignments and click the Policies tab.
  2. Click Copy policy assignments.
  3. Select the features whose policy assignments you want to copy and click OK.
  4. In the console tree, select a group or computer and click Paste policy assignments.
  5. Click OK to confirm the replacement of assignments.

Copyright © 2006 McAfee, Inc. All Rights Reserved.