The following instructions explain how to create a new security policy by using the Create New Policy wizard. In addition to using the wizard, you can create policies by:
Copying an existing security policy. All original system requirements, details, and settings are copied to the new policy. You can then make any desired modifications to the new policy. See Copy a Policy.
Creating a Sandbox version of an existing security policy and then publishing it as a new policy. For information, see Publish a Sandbox Version.
Importing a policy from another Management Zone. All original system requirements, details, and settings (if applicable) are imported to the new policy. For information, see Importing and Exporting Policies.
To create a security policy using the Create New Policy wizard:
In ZENworks Control Center, click Policies to display the Policies page.
In the Policies panel, click New > Policy to launch the Create New Policy wizard.
On the Select Platform page, select Windows, and click Next.
On the Select Policy Category page, select Windows Endpoint Security Policies, and click Next.
On the Select Policy Type page, select the type of policy you want to create, and click Next.
For information about policy types, see Types of Security Policies.
On the Define Details page, specify a name for the policy, select the folder in which to place the policy, then click Next.
The name must be unique among all other policies located in the selected folder. For additional requirements, see Naming Conventions in ZENworks Control Center.
(Conditional) If the Configure Inheritance and Location Assignments page is displayed, configure the following settings, then click Next.
Inheritance: Leave the Inherit from policy hierarchy setting selected if you want to enable this policy to inherit settings from same-type policies that are assigned higher in the policy hierarchy. For example, if you assign this policy to a device and another policy (of the same type) to the device’s folder, enabling this option allows this policy to inherit settings from the policy assigned to the device’s folder. Deselect the Inherit from policy hierarchy setting if you don’t want to allow this policy to inherit policy settings.
Location Assignments: Policies can be global or location-based. A global policy is applied regardless of location. A location-based policy is applied only when the device detects that it is within the locations assigned to the policy.
Select whether this is a global or location-based policy. If you select location-based, click Add, select the locations to which you want to assign the policy, then click OK to add them to the list.
Configure the policy-specific settings, then click Next until you reach the Summary page.
For information about a policy’s settings, you can click Help > Current Page in ZENworks Control Center, or you can see Policy Settings.
On the Summary page, review the information to make sure it is correct. If it is incorrect, click the Back button to revisit the appropriate wizard page and make changes. If it is correct, select either of the following options (if desired), then click Finish.
Create as Sandbox: Select this option to create the policy as a Sandbox version. The Sandbox version is isolated from users and devices until you publish it. For example, you can assign it to users and devices, but it is applied only after you publish it. You can also use the Sandbox version to test the policy on devices you’ve designated as test devices. For information, see Testing Security Policies.
Define Additional Properties: Select this option to display the policy’s property pages. These pages let you define system requirements that must be met before the policy can be assigned to a device, assign the policy to users and devices, and add the policy to policy groups.
To test the policy before assigning it to users and devices, see Testing Security Policies
To assign the policy to users and devices, see Assigning Security Policies.