Long Arrow Right External Link angle-right Search Times Spinner angle-left

Policy Hierarchy

View in browser

Overview

This article covers the order of policies as they apply to your computers

Application Control

  1. Global - (Designed for MSPs) policies under the Global computer group will apply first to the parent organizations and all child organizations
  2. Global-{GroupName} - (Designed for MSPs) policies under these groups will apply to any computers for the parent and child organizations that are a part of a computer group that matches the name after the "-" (e.g. policies under Global-Workstations will apply to all parent and child organizations in the Workstations groups)
  3. Entire Organizations - policies at this level will apply to all computers within the single organization being managed
  4. {Hostname} - Located under the Computers section in the "Applies to" dropdown list under the Policies page, policies located here will apply to the single computer selected
  5. {GroupName} - Located under the Groups section in the "Applies to" dropdown list under the Policies page, policies located here will apply to any computers under the selected group (e.g. policies under Workstations will apply to all computers in this organization installed under the Workstations group)

Policies are applied in the order shown on the policies page, from top to bottom.

At the bottom of each group (excluding Global and Template groups) is the "Default - {GroupName}" policy; this the catchall policy responsible for denying unknown applications, this is set to Request by default.

Storage Control

The order is identical to Application Control, however, there is currently no Global option for Storage Control