Policy Server enforces rules in a specific order, which allows you to prioritize rules. Change the order of rules, add new ones, and remove existing ones from a policy.

As with rules, policies include default responses to help you understand the condition of OfficeScan clients on the network when client validation occurs. However, the default responses are associated with clients only when client security posture does NOT match any rules in the policy.

The responses for policies are the same as those for rules (see Default Responses for Rules for the list of responses).

The Policy Server enforces rules to clients by subjecting OfficeScan client posture information to each of the rules associated with a policy. Rules are applied top-down based on the rules in use specified on the web console. If the OfficeScan client posture matches any of the rules, the action corresponding to the rule is deployed to the OfficeScan client. If no rules match, the default rule applies and the action corresponding to the default rule is deployed to clients.

Default Outbreak Mode Policy evaluates OfficeScan clients using the "Healthy" rule. It forces all OfficeScan clients that do not match this rule to immediately implement the actions for the "Infected" response.

Default Normal Mode Policy evaluates OfficeScan clients using all the non-"Healthy" rules (Transition, Not Protected, Quarantine, CheckUp). It classifies all OfficeScan clients that do not match any of these rules as "healthy" and applies the actions for the "Healthy" rule.