Configuration difference against root policy
is there a possibility to report configuration differences against root policy?
For example we have set no scan exclusion on root policy. However on some policies below we have set exclusions. Is there a possibility to report these changes?
Thank you in advance!
A_Grinkevitch Posts: 172 WithSecure Product Manager
If you know the setting and wish to check all domain values for it, try Show domain values in context menu.
If you wish to get full report, try Reporting - Inheritance report with recursive checkbox. That will collect all overrides for all domains and hosts in your domain.
It is a very good idea to run such "inheritance reports regularly and in the result keep it small.
The changes you did on ROOT should always only be minimal (PMS-Communication) and not involve specific settings on exclusions. All these should be done in a subdomain (e.g. "Workstations").
As a general rule of thumb: Exlusions are only a temporary fix. Any installation that does not work propperly without an exclusion is considered a bug and should be reported to F-Secure Support for fixing.
(see earlier discusions on that topic)