The structure of an Application Control and Device Control policy

The Application and Device Control policy has two parts:
  • Application Control contains one or more rule sets. Each rule set contains one or more rules. You configure properties, conditions, and actions for each rule:
    • Rules
      define the application(s) that you want to monitor.
    • Conditions
      monitor specified operations for the application(s) defined in the rule. The condition also contains the actions to take when the specified operation is observed.
    • As you add the rules and conditions, you need to specify the specific
      properties
      of the condition and what actions to take when the condition is met. Each condition type has different properties.
  • Device control consists of a list of blocked devices and a list of devices that are excluded from blocking. You can add to these two lists and manage their contents.
The following figure illustrates the application and device control components and how they relate to each other.
More information