A policy determines preventative behavior and establishes sensor settings. Each asset is assigned a policy.

Policies are a collection of prevention rules and behavioral settings that define how your sensor interacts and prevents or allows behavior on an asset. Within Policies, you can create custom blocking rules, allow applications, and modify the way your sensor communicates with the Carbon Black Cloud.

Tip: You can also use the Policies API to achieve policy and sensor setting adjustments.

Policy Assignments with Sensor Groups

Important: Asset Groups became available to Carbon Black Cloud customers on 27 November 2023. Carbon Black recommends that you upgrade from Sensor Groups to Asset Groups as soon as it is operationally feasible for your organization. Sensor Groups will retire on 01 December 2024. See Asset Groups and Sensor Groups and Upgrading to Asset Groups from Sensor Groups.

Policy Assignments with Asset Groups

When you are using Asset Groups to manage sensors, a policy is applied to an asset in the following ways:

  • Assigned during sensor installation.
  • Automatic assignment through Asset Group membership.
  • Manually assigned from an Inventory page.

If more than one policy is applied to an asset because the asset is a member of multiple groups that have policies, the policy that has the highest rank takes precedence unless a policy is manually assigned to an asset. The resulting policy is known as the effective policy. See Rank Policies.

Image showing highest rank policy

Manually assigned policies always take precedence over policies that are assigned through Asset Group membership, regardless of policy rank.

An effective policy is assigned by default when:

  • An asset is not assigned a policy manually or through Asset Group membership.
  • An asset was assigned a policy through Asset Group membership, but it is no longer a member of that group.