Configuring Policy

  1. Go to the Configure Policy screen by performing one of the following:
    • Classic Mode: Go to SECURITY AGENTS and select a group. Click > Configure Policy.

    • Advanced Mode: Go to POLICIES > Policy Management. Click Add or click an existing policy.

  2. Go to Target and Service Settings and configure the required settings.



    Policy name

    (Available in Advanced Mode)

    Specify a policy name.


    (Available in Advanced Mode)

    Optionally provide a note about the policy.


    • Classic Mode: Displays the name of the target group

    • Advanced Mode: Click Specify Targets and select groups or endpoints to apply the policy.


      When selecting an Active Directory group that contains child groups, visually the child groups are not selected. However, selecting the parent group automatically adds all child groups to targets.

    Unauthorized Change Prevention Service

    The Unauthorized Change Prevention Service regulates application behavior and verifies program trustworthiness. When the Unauthorized Change Prevention Service is enabled, Worry-Free Services can monitor system events for any unauthorized changes to the operating system, installed software, and to files, registries, and processes.


    By default, this setting is enabled on both Windows desktops and servers.

    The following features require this service:

    • Behavior Monitoring

    • Predictive Machine Learning (for process detections)

    • Device Control

    • Application Control

    • HTTPS Web Threat Protection

    • Security Agent Self-Protection

    Since monitoring all system events requires sufficient system resources, the following are the recommended best practices:

    • Perform tests before deploying to the production environment.

    • Check that the endpoints have sufficient system resources.

  3. Click Windows, Mac, Android, or iOS to configure platform-specific settings.

    For more information, see the following:

  4. Click Save.