Carbon Black App Control policies are groups of protection rules shared by targeted groups of computers running the Carbon Black App Control Agent – every computer running a Carbon Black App Control Agent must belong to a policy.

You create policies based on your security and organizational requirements. For example, you might base policy membership on functional role (e.g., marketing, customer service, IT); location; or type of computer (e.g., laptop, desktop, server).

Each policy has its own Carbon Black App Control Agent installer, which is automatically generated on the server when you create the policy. Each installer automatically assigns a policy to each agent it installs. However, if you choose, you can have the Carbon Black App Control Server assign a policy based on Active Directory data for the user and/or computer running the agent each time the computer with the Carbon Black App Control Agent connects to the server.

See Creating and Configuring Policies for details on policies.