Help CenterBeginning in ThreatLocker Portal Version 3.0.4, ThreatLocker offers the opportunity to move from a hierarchical structure of policy ordering to a flat processing structure. This change is optional; however, it is needed to accommodate future changes, including the ability to view all policies for each module.
By reordering policies, you can choose to manage a lower number of policies by creating entire organization or global policies, and setting exceptions to those catch-all policies at a lower order by number.
Once this ability has been enabled for your organization, a banner will be displayed at the top of the Application Control > Policies page.
Click the 'Learn More' button for more information and the opportunity to view what the new policy order will be before you commit to reordering.
You will be prompted with additional information before any changes are made.
Click the 'Preview New Policy Order' button to open a preview window.
We recommend you fully evaluate the policy order to ensure you are happy with it. Once policies have been reordered, it cannot be undone.
You can export the complete list to CSV to review offline before you commit by using the blue CSV button in the top right-hand corner.
Select the 'Accept Changes' button and confirm you want to proceed with the reorder.
The reordering process should not interfere with the existing order of an Organization's policies. Instead, it will assign order numbers as follows:
- Built-in applications - Start at 101
- Custom apps - Start at +100,001
- Default policy - Will be 1,000,000
Policies will be processed from the lowest number to the highest number, regardless of their Applies To level.
Please Note: Some discrepencies could occur for policies that have the same order by number assigned,
Once the order numbers have been changed, policies at any level can be renumbered to any number to provide granular control over the policy processing order. This includes the ability to set a group or single computer policy to process before a global policy.
Please Note: Policies cannot be reordered to a negative number
It is important to note that by default, the Windows Agent automatically prioritizes built-in applications over custom applications. This means that a policy for a custom application for Office will always be processed after a policy for the built-in Office application, regardless of hierarchy or policy order number. The reorder will reflect the processing order as built-in applications will be given a lower order by number.
To allow the agent to stop prioritizing built-in applications, the Agent Setting "Prioritize Built-In Applications" will need to be set with the checkbox unchecked.
Requires Windows Agent 10.5.3 or greater.
Please reach out to the Cyber Hero team with any questions or concerns.