Policies

Policies for a centralized management group are the same as any other policies and consist of a set rules that control the behavior of the centralized management group. You set up rules for the entire centralized management group of Screens using the administration GUI.

Policies and all configuration objects reside on the primary Screen. The primary Screen pushes the rules that apply to the remote Screens out to the Secondary Screens when the policy is activated. Each rule in the policy can be applied to all Screens or just one.

The policy is sent over an encrypted connection to the secondary Screens. The policy is then complied locally on each secondary Screen. The compiled policy is stored on the primary Screen.

The primary Screen "pings" the secondary Screens before it activates a policy and sends the administrator a message if there is a problem. The primary can push a policy to the other secondary Screens in a centralized management group even if one of the secondary Screens doesn't respond to the ping. A policy that is being pushed out to the secondary Screens is activated in parallel on all the secondary Screens. The primary Screen does not have to wait for each secondary Screen to compile the policy separately before sending it out to the next secondary Screen.

You cannot edit an activated policy on the primary Screen. You also cannot directly edit a policy from a Secondary Screen.