Default policies in Symantec Endpoint Security

Default polices are based on predefined policy templates of
Symantec Endpoint Security
  of a particular type such as Malware or Exploit Protection. All users of the
Symantec Endpoint Security
Complete license can view the default policies in the
page of the console. All users with an administrator role can edit the default policies, including the name of the policy.
*These policies are applied to the Default group by default. All other policies are included with a
Symantec Endpoint Security
Complete; you must apply the policy to a device group before the policies provide protection.
Default policies
Policy Type
Default Policy
Apply Automatically*
Default System Policy
Manage administrative and general configurations of the devices.
System (SEP 14)
Default System Policy
Manage administrative and general configurations of the devices.
Applicable only for the hybrid-managed devices.
Deny List
Default Deny List Policy
Block or quarantine files on your devices. See:
Allow List
Default Allow List Policy
Specify files or URLs for an exception from getting scanned or detected. See:
Allow List (SEP 14)
Default Allow List Policy
Specify files or URLs for an exception from getting scanned or detected. See:
Applicable only for the hybrid-managed devices.
Malware Protection
  • Default Intensive Protection Policy
  • Default Antimalware Policy
Exploit Protection
Default MEM Policy
Stops attacks on commonly used software applications that the vendor has not patched on Windows computers. See:
Intrusion Prevention
Default Intrusion Prevention Policy
Includes configuration options for protection against network and browser attacks. See:
  • Default Quarantine Firewall Policy
  • Default Firewall Policy
Detection and Response
Default Detection and Response
Detect threats and generate responses. See:
App Control
  • Default App Control Policy
  • Default App Control Policy Monitoring Mode
Manage unwanted and unauthorized applications on your device. See:
Device Control
Default Device Control Policy
Includes configuration options of external devices such as disk drives, printers and so on. See:
Trusted Updater
  • Default Trusted Updater Policy
  • Default Trusted Updater Policy Monitoring Mode
Lets you define the applications that you want to run in your environment without changing the agent or the device resources. See:
Adaptive Protection
Default Adaptive Protection Policy
Default Adaptive Protection My Company policy
Reduces attack surface through indications of suspicious behaviors performed by trusted applications. See:
Network Integrity
Default Network Integrity Policy
Protects devices from suspicious networks and generates network threats. See:
Web and Cloud Access Protection
Default Web and Cloud Access Protection Policy
Provides continuous secure connection through the Symantec Web Security Service. See:
Default Host Integrity Policy
Defines requirements for a compliance check on devices in your network. See:
Few legacy policies still exist in
Symantec Endpoint Security
and are visible to the
Symantec Endpoint Security
Complete licensed users that migrated as users of individual applications such as Application Control or Application Isolation. Also, all legacy policies are Application Isolation policies.
If you are a new user of
Symantec Endpoint Security
or if you have created a new domain, then these policies do not display for you in the console.
Legacy Policies of Application Isolation
Policy Type
Browser Isolation
  • Default Internet Explorer Policy
  • Default Internet Explorer Policy Monitoring Mode
  • Default Google Chrome Policy
  • Default Google Chrome Policy Monitoring Mode
  • Default Firefox Policy
  • Default Firefox Policy Monitoring Mode
PDF Renderer Isolation
  • Default Adobe Acrobat Policy
  • Default Adobe Acrobat Policy Monitoring Mode
Office Isolation
  • Default Microsoft Office Policy
  • Default Microsoft Office Policy  Monitoring Mode
  • Default Platform security
  • Default Platform security Monitoring Mode