How you can structure groups

Article:HOWTO81196  |  Created: 2012-10-24  |  Updated: 2014-09-21  |  Article URL http://www.symantec.com/docs/HOWTO81196
Article Type
How To


Subject


How you can structure groups

You can create multiple groups and subgroups to match the organizational structure and security of your company. You can base your group structure on function, role, geography, or a combination of criteria.

Table: Criteria for creating groups

Criterion

Description

Function

You can create groups based on the types of computers to be managed, such as laptops, desktops, and servers. Alternatively, you can create multiple groups that are based on usage type. For example, you can create a remote group for the client computers that travel and a local group for the client computers that remain in the office.

Role

You can create groups for department roles, such sales, engineering, finance, and marketing.

Geography

You can create groups based on the offices, cities, states, regions, or countries where the computers are located.

Combination

You can create groups based on a combination of criteria. For example, you can use the function and the role.

You can add a parent group by role and add child subgroups by function, as in the following scenario:

  • Sales, with subgroups of laptops, desktops, and servers.

  • Engineering, with subgroups of laptops, desktops, and servers.

After you organize the client computers into groups, you can apply the appropriate amount of security to that group.

For example, suppose that a company has telemarketing and accounting departments. These departments have staff in the company's New York, London, and Frankfurt offices. All computers in both departments are assigned to the same group so that they receive virus and security risk definitions updates from the same source. However, IT reports indicate that the telemarketing department is more vulnerable to risks than the accounting department. As a result, the system administrator creates separate telemarketing and accounting groups. Telemarketing clients share configuration settings that strictly limit how users can interact with their virus and security risk protection.

If you have both Symantec Endpoint Protection clients and Symantec Network Access Control clients installed, keep the Symantec Endpoint Protection clients and Symantec Network Access Control clients in separate groups.

See the knowledge base article Best Practices for Creating Group Structure.

See Performing the tasks that are common to all policies.

See Managing groups of clients.


Legacy ID



v8970377_v81626096


Article URL http://www.symantec.com/docs/HOWTO81196


Terms of use for this information are found in Legal Notices