#Configuration# How to Enable Real-time Protection on Sangfor Endpoint Security V6.0.2EN
  

Sangfor Jojo Lv5Posted 08 Apr 2024 16:43

*1. Introduction

1.1 User Scenario
1) We can protect our Windows and Linux resources and organize them into specific groups on the Sangfor Endpoint Secure Appliance.
2) This aspect brings many advantages, as it is possible to create additional users and grant access to specific asset groups (essential if you want to offer this solution in MSP mode to external companies to guarantee their IT managers administrative access to a specific group).
3) Another advantage is that you can apply a specific policy to a specific group to apply specific settings to specific assets that are part of that group. This guide will show you how to apply real-time protection to all assets in each group.

1.2 Requirements
1). The user's network has Endpoint Secure appliance deployed (on premise or on a public cloud).
2). You need to have some assets that you already deployed Endpoint Secure.

*2. Configuration Guide
On this guide, we will create a test group and move specific assets on it.

2.1 Group and asset Configuration

Step 1. Create a test group.
To do this you have to go on Endpoint Secure web UI at this point:
Endpoint -> Endpoint Groups-> New

Here you can add a new group (we call test on this example):

On above screen, you can see that there’s an option to add a new group inside an existing group.
Beware about Auto Grouping feature if you plan to give access to another external customers as they might have same network segment on their network (overlap) and this feature move automatically all assets that stand on a specific network.

Step 2. Move specific assets on this new group
On default, all clients that you deploy Endpoint Secure stands on this default group named Ungrouped Endpoints.

You can select it and perform moving to newly created test group:
Remember that this newly group inherit by default the policy applied on top.

2.2 Policy Configuration
Step 1. Now on policies page we see that we have a policy with all values inherited from the policy that stands on top.
Click Policies -> General Policies -> Groups

Step 2. Open Real-time Protection tab and activate the protection to all assets that are on Test group:

*3. Precaution
1) Remember that if you have some previous clients, you can group them together in a subgroup and edit the corresponding policy.
2) To our knowledge, for these older clients, it is better to enable real-time protection with the same settings as on the previous screen to keep the effort low and not interfere with users’ daily work.
3) We have found that on older local computers, we have made these settings for the engines and CPU utilization that enforce the lightweight agent version of the Endpoint Secure client.



This article is written by Enrico Vanzetto who is a technical engineer and has much experience and a better understanding of Sangfor network secure (NGAF), HCI, Endpoint Secure, VDI, and Cyber Command products. If you want to know more about him, click here.

3_Endpoint Security V6.0.2EN enable realtime protection through security policy_.docx

519.1 KB, Downloads: 259

Like this topic? Like it or reward the author.

Creating a topic earns you 5 coins. A featured or excellent topic earns you more coins. What is Coin?

Enter your mobile phone number and company name for better service. Go

Sheikh_Shani Lv2Posted 26 Jul 2024 02:19
  
Thanks for sharing
Newbie517762 Lv5Posted 09 Apr 2024 11:20
  
Thanks for sharing.
Medic Lv1Posted 09 Apr 2024 09:14
  
nice tutorial
Zonger Lv5Posted 08 Apr 2024 23:48
  
Thanks for sharing
Enrico Vanzetto Lv4Posted 08 Apr 2024 17:15
  
My Guide :-D