Query-Based Policy Settings in SEPM
Sometimes it would be desireable to set up a policy that would allow a query of some type to dynamically alter a policy on the fly. For examply, we normally run LiveUpdate once per day at night. I would like to have SEP/LU be able to change if THREATCON is set to a higher number than one. For example, if threatcon is slightly elevated, I may want to check for new definitions every 4 hours or, if threatcon is a lot higher, maybe check every hour. This would be able to do this without human intervention.
There are other things that would be great to change such as changing network policies during an "outbreak" condition.