Endpoint Protection

 Hi! I will probably call symantec about this, but wanted to get some of you guys advice/info before I give them a call.

I am using SEP 12.1 and am fairly new to creating policies within SEPM Console. There are already policies that have been created from another user like admin scans and other settings. I notice that on the side of the management console there is a tab named Policies, but there is also a place to select policies under each group. For instance we have the My Company parent folder then there are sub folders like workstations, servers, and admin workstations. My main questions are 1. when I click on the Policies tab does that apply to only the parent folder that is over the different groups or will I have to modify the policies in each group to make it apply to the groups needed? 2. I notice that I can choose for a group to share the policies with the parent folder or I can uncheck it so it wont. I have a group for the Admin workstations and Servers but I dont want these groups to be assigned a policy I want to create that will request a admin password if a user tries to access the gui for symantec endpoint protection so only admins can view that, but I only want the policy to be applied to the workstations group and not the Servers and Admin workstations. Can I just create the policy for the certain group I want it for so the policy wont be applied to every group uder the parent folder?

Any info or how tos you guys want to share i'd appreciate!

Updated 

Hello,

Please check out the below link for more information on types of Policies in a SEPM

Symantec Endpoint Protection Manager - Overview - Policies explained

http://bit.ly/oCpglV

Also you have two option to remove policies.either you can withdraw it or delete permanently

Deleting a policy 

http://bit.ly/ojnEtZ

Withdrawing a policy

http://bit.ly/nxFkMu 

About your question 

1."when I click on the Policies tab does that apply to only the parent folder that is over the different groups or will I have to modify the policies in each group to make it apply to the groups needed"

Ans -->  If policy is inherited then it would take default policy or removed inheritence and customize policy as per business requirement. 

2. Can I just create the policy for the certain group I want it for so the policy wont be applied to every group uder the parent folder ?

Ans --> Yes you can.

You should create different policies for all groups in which you want different policies.

On the command groups using same settings use single policy.

The policy tab shows you how many policies you have created + default ones and on the far right it shows location use count= number of groups on which this policy is applied.

Then when you go to Client Tab -Policy it shows you what are the policies applied on that particular group.