Policies

Endpoint Policy Manager policies are configurable items which perform work on the endpoint.

NOTE: Policies are also known as components, and that wording may be used interchangeably.

Each policy has a different function, so we are going to briefly explore what these components can do for you. Remember, you may use any of the solution methods to deploy a policy, provided your license enables it.

Application Settings Manager with Endpoint Policy Manager DesignStudio

Endpoint Policy Manager Application Settings Manager has over 400 preconfigured AppSets to get you started managing and locking down pesky applications right away.

Many popular applications are available, including Internet Explorer, Teams, Acrobat Reader, Java, Firefox, Office, and more. Additionally, with our Endpoint Policy Manager DesignStudio, you can design your own Paks for just about any application. With Endpoint Policy Manager Software, it is easy to configure, manage, and lock down 1, 2, 50, or more in-house or commercial applications. In conjunction with Endpoint Policy Manager Cloud or your own MDM service, you can deploy Endpoint Policy Manager Application Settings Manager directives over the Internet, even to non-domain-joined machines.

Note: For more information on this topic, please see this video: What is Endpoint Policy Application Manager (Cloud Edition).

Least Privilege Manager

Endpoint Policy Manager Least Privilege Manager enables your users with standard user rights to get access to applications in situations where they might need local admin privileges.

It will also stop attacks from malware, crypto-malware, etc., and will block any application if it is not installed by an administrator. This is called the Endpoint Policy Manager LPM SecureRun™ feature. In conjunction with Endpoint Policy Manager Cloud or your own MDM service, Endpoint Policy Manager Least Privilege Manager can deploy directives over the Internet, even to non-domain-joined machines.

For more information on this topic, please see this video: Video Learning Center > Privilege Manager.

NOTE: Note that Endpoint Policy Manager Least Privilege Manager has two versions: Standard and Complete. If a customer is a Endpoint Policy Manager Enterprise or SaaS customer, they get Least Privilege Manager Complete. If the customer is a Endpoint Policy Manager Professional customer, they can decide between Least Privilege Manager Standard or Complete. For an overview of the two versions, check out this page: https://www.endpointpolicymanager.com/paks/least-privilege-security-pak/.

Browser Router

Endpoint Policy Manager Browser Router dictates which browser should open up which web pages for end users.

If you have a specific need to open up Edge, Firefox, Chrome, Internet Explorer, or a custom browser, Endpoint Policy Manager Browser Router can make it easy. It can also dictate which browser should be the default for websites so the user is not prompted. It can also block access to certain websites (e.g., Facebook) for all browsers. It can also specify Internet Explorer's document and enterprise modes on the fly. In conjunction with Endpoint Policy Manager Cloud or your own MDM service, you can also deliver these Endpoint Policy Manager Browser Router settings over the Internet to domain-joined and non-domain-joined machines.

Note: For more information on this topic, please see this video: Video Learning Center > Browser Router

Java Enterprise Rules Manager

Endpoint Policy Manager Java Enterprise Rules Manager enables you to choose the version of Java that specific websites use or block Java websites entirely, even for remote machines via the cloud.

Making a Java deployment rule set for your enterprise has never been easier or more flexible. In conjunction with Endpoint Policy Manager Cloud or your own MDM service, Endpoint Policy Manager Java Enterprise Rules Manager can deploy most Microsoft Security settings to computers over the Internet, even to non-domain-joined machines.

Note: For more information on this topic, please see this video:Video Learning Center > Java Enterprise Rules Manager .

Admin Templates Manager

Endpoint Policy Manager Admin Templates Manager enables you to deploy any Microsoft setting (or third-party admin template [.admx file]) to either users or computers.

You can also put Group Policy settings into collections and ensure that they are specifically targeted with conditions to users and computers . Endpoint Policy Manager Admin Templates Manager will enable you to deploy Admin Template items without using Group Policy, by using Microsoft SCCM, Windows Intune, or your own systems management software. In conjunction with Endpoint Policy Manager Cloud, Endpoint Policy Manager Admin Templates Manager allows you to deploy any Microsoft Admin Template (or third-party ADMX setting) to computers over the Internet, even to non-domain-joined machines.

Note: For more information on this topic, please see this video:Administrative Templates Manager.

File Associations Manager

Endpoint Policy Manager File Associations Manager enables you to map specific file extensions (such as .pdf) to specific applications, like Acrobat Reader (standard apps and Windows 10 Universal apps), and handling applications with protocols (such as MAILTO:).

Note: For more information on this topic, please see this video: Video Learning Center > File Associations Manager.

Preferences Manager

Endpoint Policy Manager Preferences Manager keepsw Group Policy Preferences working and compliant, even when the computer goes offline.

It enables you to deploy Group Policy Preference items without using Group Policy. For instance, by using Microsoft SCCM, Windows Intune, or your own systems management software. In conjunction with Endpoint Policy Manager Cloud or your own MDM service, Endpoint Policy Manager Preferences Manager deploys Group Policy Preference items over the Internet, even to non-domain-joined machines.

NOTE: The license for this policy is not provided unless specifically requested by the customer when Endpoint Policy Manager is used with the Group Policy delivery mechanism. For more details on why the license is not automatically provided, please see the following link: Where is my Endpoint Policy Manager Preferences Component license and how do I request one?.

Note: For more information on this topic, please see this video:Preferences Manager

Security Settings Manager

Endpoint Policy Manager Security Settings Manager enables you to deploy Group Policy's Security settings without using Group Policy.

You can do this by using Microsoft SCCM, Windows Intune, or your own systems management software. In conjunction with Endpoint Policy Manager Cloud or your own MDM service, Endpoint Policy Manager Security Manager can deploy most Microsoft Security settings to computers over the Internet, even to non-domain-joined machines.

Note: For more information on this topic, please see this video: Security Settings Manager.

Start Screen & Taskbar Manager

Endpoint Policy Manager Start Screen & Taskbar Manager enables you to map specific applications (Win32 and WUP apps) and Edge links to specific Windows 10 Start menu groups.

It gives you granular control to create groups of individual tiles and locks those groups down. Additionally, you can use this component to pin items to the Windows 10 taskbar.

NOTE: You may wish to watch our Quickstart videos of Endpoint Policy Manager Start Screen & Taskbar Manager: Start Screen & Task Bar Manager > Video Learning Center.

Note: For more information on this topic, please see this video: Video Learning Center > Start Screen & Task Bar Manager

Scripts & Triggers Manager

You can use Endpoint Policy Manager Scripts & Triggers Manager to automate any task, with a script. You can use triggers to enable the scripts to run at specific times.

In conjunction with Endpoint Policy Manager Cloud or your own MDM service, you can use scripts to deploy software over the Internet, even to non-domain-joined machines.

Note: For more information on this topic, please see this video:Video Learning Center > Scripts & Triggers Manager.

Remote Work Delivery Manager

You can use Endpoint Policy Manager Remote Work Delivery Manager to automate the delivery of files from UNC shares or Internet shares, install software, and keep software automatically updated.

In conjunction with Endpoint Policy Manager Cloud or your own MDM service, you can deploy VPN connections over the Internet, even to non-domain-joined machines.

Note: For more information on this topic, please see this video: Remote Work Delivery Manager > Video Learning Center.

Feature Manager for Windows

Endpoint Policy Manager Feature Manager lets you select and deselect the Windows features and optional features that best fit the needs of your users.

You can also specify or postpone necessary reboots. In conjunction with Endpoint Policy Manager Cloud or your own MDM service, Endpoint Policy Manager Feature Manager for Windows lets you manage the Windows features and options on machines over the Internet, even to non-domain-joined machines.

Note: For more information on this topic, please see this video:Video Learning Center > Feature Manager for Windows .

Remote Desktop Protocol Manager

You can use Endpoint Policy Manager Remote Desktop Protocol Manager to enable users to remotely connect into existing RDP machines.

In conjunction with Endpoint Policy Manager Cloud or your own MDM service, you can deploy policies that add or remove .rdp file connections over the Internet, even to non-domain-joined machines.

Note: For more information on this topic, please see this video:Video Learning Center Video Learning Center Video Learning Center.

Network Security Manager

You can use Network Security Manager to specify which processes and applications can communicate to what IP, web addresses and over what protocols.

Note: For more information on this topic, please see this video:Video Learning Center > Network Security Manager

Software Package Manager

You can use Endpoint Policy Manager Software Package Manager to add or remove packages from the Microsoft Store.

In conjunction with Endpoint Policy Manager Cloud or your own MDM service, you can deploy policies which add or remove Microsoft Store application connections over the Internet, even to non-domain-joined machines.

Note: For more information on this topic, please see this video: Video Learning Center > Software Package Manager.

Application Settings Manager with Endpoint Policy Manager DesignStudio​

Least Privilege Manager​

Browser Router​

Java Enterprise Rules Manager​

Admin Templates Manager​

File Associations Manager​

Preferences Manager​

Security Settings Manager​

Start Screen & Taskbar Manager​

Scripts & Triggers Manager​

Remote Work Delivery Manager​

Feature Manager for Windows​

Remote Desktop Protocol Manager​

Network Security Manager​

Software Package Manager​