OK so here is the scenario in the clients section inside the SEPM console.
- My Company (default policy)
  - Server Group A (Web Servers) - TCP/80
  - Server Group B (TACACS servers) - TCP/49
  - etc. etc.
Is there a way to define a baseline policy at the "My Company" level with, for example, block all inbound except RDP from a specified IP range and SNMP from a single IP?
Then, at each Server Group level, use the preceding default policy but append application-specific inbound rules.
It seems that you can copy the preceding policy to a lower folder and add rules, which is OK but would be a pain when you need to add a new default service to the default policy, as you'd need to redo each container to absorb the new rule (unless I'm missing something here...).
I hope this is clear...
Please feel free to ask questions if you need this clarifying at all.
regards
Rob