Content rules define the actions Privilege Management for Windows takes when content, such as a file, is launched by the user.
You need a Content Group before you can create a Content Rule.
For more information, please see Content Groups.
Insert a Content Rule
Click Content Rules to view, create, or modify the following for each Application Rule:
|Target Content Group||
Select from the Content Groups list.
|Select from Allow Modification or Block Access. This is what happens if the user tries to access the content.|
|End User Message||Select if a message is displayed to the user when they try to access the content. We recommend using messages if you're blocking content from being accessed, so the end user has some feedback.|
Select the type of token to pass to the target Application Group. You can select from:
|Raise an Event||Whether or not you want an event to be raised if this content rule is triggered. This forwards to the local event log file.|
|Run an Audit Script||You can choose to run an audit script if required.|
McAfee ePO Reporting Options
This option is only available if you checked the McAfee integration box when you installed the Privilege Management Policy Editor.
|ePO Queries and Reports||Select this option to raise an ePO threat event. These are separate from Privilege Management reporting events.|
|BeyondTrust Privilege Management Reporting (in ePO)||Select this option to raise a Privilege Management reporting event. These are available in BeyondTrust Privilege Management Reporting.|