Endpoints

For a rule to have any effect, it needs to be assigned to an endpoint. A rule may be assigned to one or more endpoints and/or tags. When assigned to a tag, the rule is assigned to all of the endpoints and any sub-tags within that tag. You must select at least one tag or endpoint.

The Endpoints tab has two components:

Field	Description
System	Select whether to use the endpoint on which the results were found or the endpoint from which the search was performed. Target: Select Target if you wish to use the endpoint on which the results were found. For example, if you use an endpoint to search additional machines (remote endpoints), selecting Target applies this rule to the endpoint on which the search was performed. Source: Select Source if you wish to use the endpoint on which the search was performed. For example, if you use one endpoint to search additional machines (remote endpoints), selecting Source applies this rule to the machine that was used to perform the search. If multiple remote machines were searched from one endpoint, then you need only select the one endpoint which performed the search to have the rule applied to the results found on all of those remote machines.
Scope	Select the endpoints and/or tags to which you want the rule applied.

Field

Description

System

Select whether to use the endpoint on which the results were found or the endpoint from which the search was performed.

Target: Select Target if you wish to use the endpoint on which the results were found. For example, if you use an endpoint to search additional machines (remote endpoints), selecting Target applies this rule to the endpoint on which the search was performed.
Source: Select Source if you wish to use the endpoint on which the search was performed. For example, if you use one endpoint to search additional machines (remote endpoints), selecting Source applies this rule to the machine that was used to perform the search. If multiple remote machines were searched from one endpoint, then you need only select the one endpoint which performed the search to have the rule applied to the results found on all of those remote machines.

Scope

Select the endpoints and/or tags to which you want the rule applied.

To add a tag or an endpoint, place a checkmark in the checkbox to the left of the tag or endpoint by clicking the checkbox. A tag can be expanded to show all of the sub-tags and endpoints that have been added to the policy. If you do not want all of the endpoints under a tag to be added to the rule, it is necessary to add the desired endpoints individually, or to create a new tag containing only the desired endpoints and then add that tag to the rule.

To remove a tag or an endpoint from a rule, click on checkbox to the left of the tag or endpoint to remove the checkmark. It is not possible to remove individual endpoints from a rule if their parent tag has been selected.

Endpoints and tags can be assigned to any number of rules.

After you add or remove an endpoint you must either click the Finish button to save your changes or Cancel button to discard your changes. If you try to select another classification or rule without clicking the Finish or Cancel button, you are prompted with a confirmation dialog that reads, "Do you want to save the current rule?" Select Yes to save your changes, No to discard them or Cancel to return to the rule.