12.1 Understanding Configuration and Security Locations

A device uses its current network environment to determine both its Configuration location and its Security location.

  • Configuration location: The Configuration location is determined from the device’s current network environment and cannot be changed. You can use this location to determine closest ZENworks servers and control availability of bundles and Configuration policies. The Configuration location applies to both Windows and Linux devices.

  • Security location: This location is used only with ZENworks 11 Endpoint Security Management. Like the Configuration location, it is automatically assigned to a device based on the network environment discovered by the device’s ZENworks Adaptive Agent. You can use this location to determine availability of Security policies, Configuration policies, and Windows bundles. If you are using ZENworks Configuration Management, the Security location, like the Configuration location, can be used to control availability of bundles and policies.

However, whereas the Configuration location is determined from all defined locations (in ZENworks Control Center), the Security location is determined from a subset of those locations made available to the device through a Location Assignment policy. The security location is the location where the end point security component of the agent has determined you are. Because not all users may be allowed in all locations, the Security Location is determined by looking at a subset of all available locations configured in a Location Assignment Policy. The intent of the Security policy is to allow ZENworks Endpoint Security Policies, Windows Bundles, and ZENworks Configuration Policies to be enforced or made available only when the user is determined to be in allowed location. Security Location is currently calculated on Windows devices with the Endpoint Security Management agent components enabled.