Reference Guide
Security Management Server v10.2.7 AdminHelp
217
provided by support if it is required.
The value of this policy must include the entire contents of the policy.xml file.
Copy and paste the contents of policy.xml into the policy editor as shown in
this example.
Global Quarantine
List
String
String
The value of this policy includes a collection of hashes for portable executable
that need to be automatically quarantined within the enterprise. This policy
will force quarantine files based on a SHA256 hash of the specific portable
executable.
Global Safe List String
String
The value of this policy includes a collection of hashes for portable executable
that need to be allowed to run within the enterprise. This policy will force
allow files based on a SHA256 hash of the specific portable executable.
Agent Settings
Suppress Popup
Notifications
Not Selected
Selected
Not Selected
If Selected, popup notifications for Advanced Threat Prevention events do not
display on the client computer.
Minimum Popup
Notification Level
High
High
Medium
Low
Severity level of events that result in popup notifications that display on the
client computer.
A setting of High allows only notifications of critical events to display. A setting
of Low displays all on-screen notifications for all events. Listed below are
examples of events that fall into the severity levels:
High
1) Protection status has changed. (Protected means that the Advanced Threat
Prevention service is running and protecting the computer and needs no user
or administrator interaction.)
2
) A threat is detected and policy is not set to automatically address the threat.
Medium
1) Execution Control blocked a process from starting because it was detected
as a threat.
2) A threat is detected that has an associated mitigation (for example, the
threat was manually quarantined), so the process has been terminated.
3) A process was blocked or terminated due to a memory violation.
4) A memory violation was detected and no automatic mitigation policy is in
effect for that violation type.
Low
1) A file that was identified as a threat has been added to the Global Safe List
or deleted from the file system.
2) A threat has been detected and automatically quarantined.
3) A file has been identified as a threat but waived on the computer.
4) The status of a current threat has changed (for example, Threat to
Quarantined, Quarantined to Waived, or Waived to Quarantined).
Enable BIOS
Assurance
Selected
Selected
Not Selected
If selected, BIOS integrity checks are performed on endpoints computers to
validate that the BIOS has not been modified from the Dell factory version. A
custom factory image cannot be used with this feature, as the BIOS has been
modified. This feature is available only on Dell platforms.
Platforms available with this feature include the newest release of select XPS,
Latitude, Optiplex, Precision Workstations, and Venues. Speak to your Sales
Associates for details or contact Dell ProSupport.
This policy does not apply to Mac clients.