Assigning a security policy to a Collector Group
By default, a security policy protects the FortiEDR Collectors that belong to that Collector Group. A security policy can be assigned to more than one Collector Group. Multiple security policies can be assigned to each Collector Group.
It is not recommended to assign multiple security policies that have the same or overlapping rules to a Collector Group, as this means that the same security events will be triggered in response to both policies, producing duplicated events. |
Refer to Defining a new Collector Group for a description of how to define a new Collector Group in the INVENTORY tab.
- In the SECURITY POLICIES page, select the name of the security policy to be assigned by clicking its checkbox.
- The right side of the window displays the Collector Groups to which this policy is assigned.
Click the Assign Collector Group toolbar button, which displays the following window in which you can select the Collector Groups to which to assign this policy.
The ASSIGNED COLLECTORS GROUPS area lists all the Collector Groups that have been assigned a security policy to protect them. You can also simply drag-and-drop a Collector Group from this list onto a policy in the left pane of this window to assign the Collector Group to be protected by that policy. |
Deleting a security policy
Select the policy’s checkbox and then click the Delete button.
The Exfiltration Prevention, Ransomware Prevention, Device Control, Application Control, eXtended Detection, and Execution Prevention FortiEDR security policies provided out-of-the-box ( ) cannot be deleted. |