QuickStart Phase 1 | Endpoint Privilege Manager Nugget Series
Summary
TLDRThis EPM Nugget introduces Quick Start, a set of starter policies designed to reduce risk without affecting user experience. It's a valuable tool for both experienced EPM managers and newcomers, teaching policy layering for desired outcomes. To activate, expand policies, select Quick Start, and confirm activation. Policies are organized in layers, addressing known good applications, common attack vectors, role-based access, and admin rights discovery. Customization is needed for application groups and layer 3 policies to suit specific environments and roles. With Quick Start, users can enjoy risk reduction and privilege access tailored to their roles.
Takeaways
- 🚀 Quick Start is a set of starter policies designed to reduce risk without impacting user experience and serves as a foundation for building more complex policies.
- 🔄 It is a time-saver for experienced users and an educational tool for newcomers in managing and maintaining EPM policies.
- 📚 To enable Quick Start, expand policies in the navigation bar, activate it, and confirm the action for immediate policy deployment.
- 🔍 Review activated policies by clicking on the 'Policies' heading, where each policy is prefixed by a number indicating evaluation sequence.
- 🔑 The sequence of policy evaluation is determined by configuring the priority within individual policies, not by the prefixed numbers.
- 🛡️ Layer One of Quick Start includes exceptions for known good applications, such as approved content handler plugins.
- 🚫 Layer Two focuses on closing common attack vectors exploited by malicious content and defining restricted tasks and applications.
- 👥 Layer Three is for defining role-based access, targeting specific users or SLG groups with tasks and apps for automatic approval.
- 🔎 Layer Four handles the discovery of user admin right requirements and should be reviewed to update Layers 2 and 3 accordingly.
- 🛠️ Quick Start policies utilize additional components like application groups, customized dialogue boxes for user feedback, and policy audit events.
- ✂️ Customization of Quick Start policies is necessary, including reviewing and adjusting content handlers, browsers, and application groups to fit the environment.
- 🔄 Duplicate and modify Layer 3 policies for known roles, or deactivate them as templates for future use, to prepare for removing users from the administrator group.
Q & A
What is the purpose of the 'Quick Start' feature in EPM?
-The 'Quick Start' feature in EPM is designed to immediately reduce risk without impacting the user experience, providing a logical foundation to build on for managing and maintaining EPM policies.
Who benefits from using the 'Quick Start' feature in EPM?
-Both experienced users who are well-versed in managing EPM policies and those new to the field can benefit from 'Quick Start' as a time-saver and an educational tool on layering policies for desired outcomes.
How can one enable the 'Quick Start' feature in EPM?
-To enable 'Quick Start', expand policies in the navigation bar, click 'Policy Recommendations', scroll down to 'Quick Start', and click the 'Activate Quick Start' button, then confirm the action.
What happens after activating the 'Quick Start' policies?
-After activating the 'Quick Start' policies, a banner notification will appear to inform you that the policies have been activated successfully.
How can the activated 'Quick Start' policies be reviewed?
-The activated 'Quick Start' policies can be reviewed by clicking on the 'Policies' heading in the navigation bar.
What do the numbers prefixing each policy in 'Quick Start' represent?
-The numbers prefixing each policy in 'Quick Start' indicate the sequence in which the policies should be evaluated, although it is the priority configured in the individual policies that dictates the actual sequence.
What is the purpose of Layer One in the 'Quick Start' policies?
-Layer One contains exceptions for known good applications, such as approved content handler plugins, to ensure they are not unnecessarily restricted.
What does Layer Two focus on in the 'Quick Start' policies?
-Layer Two focuses on closing down common attack vectors typically exploited by malicious content and defining restricted tasks and applications that should not be tampered with by end users, such as disabling security controls.
What is the role of Layer Three in the 'Quick Start' policies?
-Layer Three is where role-based access is defined, with policies targeted at specific users or SLG groups, containing tasks and apps that should be automatically approved.
What is the function of Layer Four in the 'Quick Start' policies?
-Layer Four handles the discovery of users' admin right requirements and the events these policies create, which should be reviewed and used to update Layers 2 and 3.
What additional components do the 'Quick Start' policies utilize?
-The 'Quick Start' policies utilize components such as application groups for targeting specific applications, setting the parent process context for blocked apps, customized dialogue boxes for soliciting feedback from end users, and the collection of policy audit events.
What customization is needed before using the 'Quick Start' policies?
-Before using the 'Quick Start' policies, one should review and adjust the content handlers and browsers application groups to reflect the environment, duplicate and modify Layer 3 policies for known roles, and deactivate policies that are not yet applicable, using them as templates for future use.
What is the final step after customizing the 'Quick Start' policies?
-The final step is to remove users from the administrator group and benefit from the risk reductions built into the 'Quick Start' policies while still enabling users to gain access to the privileges required to perform their roles.
Outlines
🚀 Quick Start Deployment of EPM Policies
This paragraph introduces the Quick Start phase of deploying EPM (Endpoint Management) policies, which are designed to reduce risk without affecting user experience. It's a set of starter policies that serve as a foundation for further policy development. The Quick Start feature is beneficial for both experienced users looking for a time-saving method and newcomers needing guidance on policy layering for desired outcomes. To activate Quick Start, users expand policies in the navigation bar, find the 'Quick Start' recommendation, and click the activation button. Once activated, a notification confirms the successful implementation. Policies can be reviewed and organized by their prefixed numbers, which indicate the evaluation sequence set by priority configurations. The paragraph also explains the structure of the policy layers, from exceptions for known good applications to role-based access and admin right discovery, emphasizing the need for policy customization to fit the user's environment.
Mindmap
Keywords
💡EPM
💡Quick Start
💡Policy Recommendations
💡Risk Reduction
💡User Experience
💡Policy Layers
💡Role-Based Access
💡Admin Rights
💡Content Handlers
💡Customization
💡Policy Audit Events
Highlights
Introduction to Quickart and its first phase of deployment called Quick Start.
Quick Start is a set of starter policies designed to reduce risk without impacting user experience.
The Quick Start policies provide a logical foundation for building more complex policies.
Quick Start is a time-saver for those experienced in managing EPM policies.
It serves as an educational tool for newcomers in the field of policy management.
Enabling Quick Start involves expanding policies and activating it through the navigation bar.
A confirmation prompt appears after activating Quick Start policies.
A banner notification confirms successful activation of the policies.
Policies can be reviewed and are prefixed by a number indicating evaluation sequence.
The sequence of policy evaluation is achieved by configuring priority within the policies themselves.
Layer One of policies contains exceptions for known good applications.
Layer Two focuses on closing down common attack vectors exploited by malicious content.
Restricted tasks and applications are defined in Layer Two to prevent end-user tampering.
Layer Three defines role-based access for specific users and SLG groups.
Layer Four handles the discovery of user admin right requirements and associated events.
Quickart policies utilize additional components like application groups and customized dialogue boxes.
Policy audit events collection needs to be activated in agent configuration.
Customization of policies is required before further deployment.
Content handlers and browsers application groups should be reviewed and customized.
Layer 3 policies should be duplicated and modified for known roles or deactivated as a template for future use.
Users can be removed from the administrator group while still benefiting from risk reductions in Quick Start policies.
Completion of Phase One allows for the practical application of the Quick Start policies.
Transcripts
this EPM nugget will introduce you to
quickart and the first phase of its
deployment quick start is a set of
starter policies which have been
designed to immediately reduce risk
without impacting the user experience
while also providing a logical
Foundation to build
on if you are well versed in managing
and maintaining EPM policies then quick
start is a Great timesaver And for those
new to the field it will also serve as
an education on how to layer policy to
achieve desirable
outcomes to enable quick start simply
expand policies in the navigation bar
click policy recommendations scroll down
to Quick Start and click the activate
quick start button you will be prompted
to confirm and after a short time a
banner notification will appear to
inform you that the quick start policies
have been activated successfully these
policies can be reviewed by clicking on
the policies heading in the navigation
bar you will note that each policy is
prefixed by a number which indicates the
sequence in which the policies should be
evaluated it's not actually this number
that dictates the sequence that is
achieved by configuring the priority in
the individual policies however the
numbers are useful to be able to view
the policies and
layers layer one contains exceptions for
known good applications such as approved
content Handler
plugins Layer Two closes down common
attack vectors typically exploited by
malicious content and this is also where
we Define restricted tasks and
applications that we do not want the end
user to tamper with such as disabling
security
controls layer three this is where we
start to Define role-based access and
these policies are targeted at specific
users SLG groups and will contain the
tasks and apps that we want to
automatically approve
layer 4 handles discovery of users admin
right requirements and the events these
policies create should be reviewed and
used to update layers 2 and three keep
on top of that activity and you will be
quickly through the discovery phase and
you can switch policies at layer 4 from
open to a more appropriate gating
mechanism the policies in quickart
utilize several additional components
that you should be aware of including
application groups for targeting
specific applic ations and setting the
parent process context for blocked
apps dialogue boxes which have been
customized to solicit useful feedback
from end users and the collection of
policy audit events which needs to be
activated in agent
configuration the policies need a small
amount of customization before we
continue as a first step you should
review the content handlers and browsers
application groups to ensure these are
reflective of your environment and if
needed add or remove from this list as
needed
next you should duplicate Target and
modify layer 3 policies to any known
roles and in the case we don't yet have
that information you should deactivate
these policies and use them as a
template for futured
use you are now ready to remove users
from the administrator group and benefit
from the risk reductions built into the
quick start policies while still
enabling your users to gain access to
the Privileges required to perform their
role phase one is now complete thank
thank you for watching
関連動画をさらに表示
5.0 / 5 (0 votes)