Content Rules
Content rules define the actions Endpoint Privilege Management for Windows takes when content, such as a file, is launched by the user.
You need a Content Group before you can create a Content Rule.
For more information, see Content Groups.
Insert a Content Rule
Click Content Rules to view, create, or modify the following for each Application Rule:
| Option | Description |
|---|---|
| Target Content Group |
Select from the Content Groups list. |
|
Action |
Select from Allow Modification or Block Access. This is what happens if the user tries to access the content. |
| End User Message | Select if a message is displayed to the user when they try to access the content. We recommend using messages if you're blocking content from being accessed, so the end user has some feedback. |
| Access Token |
Select the type of token to pass to the target Application Group. You can select from:
|
| Auditing | |
| Raise an Event | Whether or not you want an event to be raised if this content rule is triggered. This forwards to the local event log file. |
| Run an Audit Script | You can choose to run an audit script if required. |
|
McAfee ePO Reporting Options This option is only available if you checked the McAfee integration box when you installed the Endpoint Privilege Management Policy Editor. |
|
| ePO Queries and Reports | Select this option to raise an ePO threat event. These are separate from Endpoint Privilege Management reporting events. |
| BeyondTrust Endpoint Privilege Management Reporting (in ePO) | Select this option to raise an Endpoint Privilege Management reporting event. These are available in BeyondTrust Endpoint Privilege Management Reporting. |
For more information, see the following:
