The Configuration Profiles section allows you to create and manage collections of settings that you can assign to one or more policies in a fast and efficient manner.
Configuration profiles include:
Exclusions
The Exclusions page enhances your control over the content of policies by creating and managing exclusion lists that can be tailored to the profile of every segment in your environment.
This single-source exclusion management system bypasses the need to inherit the settings from one policy to another in order to reuse exclusions, by allowing you to create and manage exclusions and exclusion lists outside the policy.
You can reuse an exclusion in one or multiple lists, and then assign these lists to one or multiple policies, thus allowing you complete freedom to customize the content that will be excluded from scanning. Furthermore, when you assign a list of exclusions to a policy, you will be able to view how many endpoints will be impacted by the change.
This will result in having and using leaner and more targeted policies, which will increase the overall performance and stability of your environment, and reduce the workload of your SOC team by lowering the amount of false-positive events.
Important
Bitdefender security agent can exclude from scanning certain object types. Antimalware exclusions are to be used in special circumstances, or following Microsoft or Bitdefender recommendations. For an updated list of exclusions recommended by Microsoft, please refer to this web article.
The Exclusions page includes two major areas:
The Exclusion lists panel, where you can create and manage exclusion lists.
The Exclusions grid, where you can create new exclusions, or manage exclusions already assigned to exclusion lists.
The Exclusion lists panel
The Exclusions grid
Maintenance windows
The Maintenance Windows page includes settings that allow you create configuration profiles to control maintenance operations on endpoints. Being independent from the policy, you can generate multiple maintenance windows suited for every scenario that might arise within your environment.
This approach simplifies the process of configuring policies and, at the same time, helps you create and apply more targeted policies.
You can share permissions for maintenance windows, so the other GravityZone users from your company will be able to view and use them.
You can create and apply maintenance windows with Patch Management settings.
The Patch Management module releases you from the burden of keeping the endpoints updated with the latest software patches, by automatically distributing and installing patches for a vast variety of products. You can check the list of supported vendors and products in this article.
Note
The Patch Management module is available for:
Windows for workstations
Windows for servers
The following Linux distributions: CentOS, RHEL, and SLE. See requirements and limitations here.
In the Maintenance Windows page, you can view, filter, search for, create, edit, and delete windows. To use a maintenance window, you must assign it to a policy in the Policies section. Creating, editing and deleting maintenance windows are recorded in User activity log.
Note
To manage patches manually, use the options available in the Patch Inventory section.