Publishing endpoint protection policy rules to VM groups means associating VM groups that need to be protected with a specific service profile.

Endpoint protection policy rules can only be applied to VM groups.


  1. Select Security > Endpoint Protection Rules > Rules > Add Policy.
  2. Click Actions menu.
  3. Select Add Rule.
  4. In the new rule, enter the rule name.
  5. In the Select Groups field, click the Edit icon.
  6. In the Set Groups window, select from the existing list of groups or add a new group.
    1. To add a new group, click Add Group, enter details and click Save.
  7. In the Group column, select the VM group.
  8. In the Service Profiles column, select the service profile that provides the desired protection level to the guest VMs in the group.
    1. To add a new service profile, click Add Service Profile, enter details and click Save.
  9. Click Publish.


Endpoint protection policies protect VM groups.

What to do next

You might want to change the sequence of rules depending on the type of protection required for different VM groups. See How Guest Introspection Runs Endpoint Protection Policy