The server that I will be deploying with the CSA Agent, should it only be attached to the Group "Servers - Internally Deployed" or should it be joined to other groups as well? This server is not a file or print server but a will maintain logs so i do want the necessary protection.
Solved! Go to Solution.
Also, instead of nesting groups and such should I just copy the rules from the "Servers - Internally Deployed" and apply them in the copied Group of "Servers - All Types" ?
Hi Adam, I think that's a matter of personal preference.
In 5.2, I left pretty much everything at the defaults (unlike what I did with 4.X).
My servers are all in the default servers group and in other groups based on their function.
I move all exceptions into custom exception modules in custom policies and associate them with default groups.
Again, that is my personal preference but there are others that do it differently.