You can set trust levels for file and publisher approvals in various ways, but there are two recommended combinations:


File Trust

Publisher Trust

High Critical Asset Protection: For high protection for intellectual property and other confidential information.



Protection with Flexibility: To protect your computers from risky files, but allow automatic approval of more files with relatively low threat.



When you enable both file and publisher reputation approvals, a file is approved if either its own reputation or its publisher’s reputation meets the thresholds you set.

You can adjust these settings to meet your own judgment on the trade-offs, but setting the approval level at a very low trust level is not advisable. One way to see what the effect of approvals at different trust levels will be is to examine the File Catalog and the Publishers list in the console, grouped to show their contents by Trust.

To see files by trust category, click Assets > Files on the console menu, click the File Catalog tab, and select Trust on the Group By menu.

To see current publishers by trust category, click Rules > Software Rules on the console menu, click the Publishers tab, and select Trust on the Group by menu. This list includes only those publishers whose files have been inventoried on agent-managed computers or added by importing a certificate from a file on a computer that does not have an agent.