Enable Risk Intelligence and select Policy

Risk Intelligence deployments can be tailored to match your precise protection requirements. Across the entire customer base on every computer, on selected Clients and Sites or on specific computers.

When configuring Risk Intelligence choose the Policy. This controls every aspect of Risk Intelligence from which scans to run (Security Scan, PCI Scan, Data Breach Risk Scan) down to their schedule (Daily, Weekly, Monthly or on-demand).

By default, policies are inherited from the parent. Devices inherit policies from the site, sites inherit policies from the Client, Clients, in turn, inherit the policy setting for all servers and workstations.

Multiple Devices

To configure Risk Intelligence across multiple computers:

  1. Log into the Dashboard
  2. Go to Settings > Risk Intelligence > Settings
  3. Select the "Entity" type to enable Risk Intelligence on (all servers and workstations or servers and workstations at specific clients and sites)

    Feature status indicators (colored dots) in the Settings dialog indicate if the feature is enabled or disabled at the entity level, and whether devices under an entity have the same settings:

    • Green - Feature or functionality enabled for all devices under that entity. This includes device level settings
    • Grey - Feature or functionality disabled on at least one device under that entity. This includes device level settings
    • Orange – One of the child entities has a different configuration to the parent. Where a Client only has one Site, its status indicator reflects that of the Site.

    For more information on these states, see Feature and Functionality Settings Icons.

  4. Change "Setting" to On, Off or Use Parent (only for Client or Site)
  5. When "Setting: On" choose the policy to apply to the selection from the drop-down. The policy dropdown includes both the system and custom polices available for the selected device type (Server, Desktop and Laptop policies)
  6. Click OK to save and apply

Individual Device

You can enable Risk Intelligence on specific servers and workstations, for example exclude a computer from the default entity policy or only apply Risk Intelligence on selected computers.

Setting the policy at the device level means that it will no longer inherit policies from its parent (where inherit was previously selected) to place the device back under its hierarchical policy control select "Use Policy Settings".

  1. Log into the Dashboard
  2. Right-click on the device in the North-pane (or from the Edit Server or Edit Workstation drop-down)
  3. Click Edit Server or Edit Workstation then Risk Intelligence
  4. Change "Setting" to On, Off or Use Parent (only for Client or Site)
  5. When "Setting: On" choose the policy to apply to the computer from the drop-down. The policy dropdown includes both the system and custom polices available for the device's type (Server, Desktop and Laptop policies)
  6. Click OK to save and apply

For visibility the "Agent Supports Features" of the device's "Summary" tab indicates the Risk Intelligence's state.

For a list of all of the policies currently in use across your policy supporting features, please refer to the Feature Policy Report.

Risk Intelligence Automated Tasks and feature Status

After enabling Risk Intelligence, the Agent downloads the Automated Tasks required to run the scans on the selected computers at the scheduled time.

Where a scan runs into any problems, this is reported in the "Output" column and "More Information..." dialog; including potential causes of the issue (where available).

For example:

Summary: Error Running Scan
If this is a new system, please allow up to two hours for it to synchronize with the Risk Intelligence database before running any RI scripts.

Risk Intelligence deployed Automated Tasks are only managed through the corresponding policy and are excluded from the "Edit" or "Delete" Automated Task options.

What do you want to do?