1.7 Effective Policy Interface

The Endpoint Security Agent evaluates many policies and types to determine which ones will be enforce by a device. Policies that are currently being enforced make up the Effective Policy List.

1.7.1 PolicyInformation Object

The PolicyInformation object provides information about an individual policy in the system. It can be returned by the EffectivePolicyList and EffectivePolicyArray functions.

Data Types:

string Id— A unique identifier for the policy in the system.

string Version— The version of the policy being used.

string Name— The name of the policy.

string PolicyType— One of the following policy types. Available policy types vary depending on the Endpoint Security Agent version.

  • script

  • applicationControl

  • hardware

  • firewall

  • locationAssignment

  • locationRelation

  • networkEnvironment

  • security

  • storageEncryption

  • storageDeviceControl

  • usb

  • vpn

  • wifi

  • fde

string Session— The session (user, device, zone) that provided the policy.

Functions:

bool Match(string value)

Returns true if the value provided matches the ID or Name value for the policy.

1.7.2 Effective Policies Methods

The Effective Policies methods get information about a device’s currently effective policies.

SafeArray Query.EffectivePolicyArray()

Description:

Returns an array of PolicyInformation objects, one for each effective policy being enforced. The list can be empty when there are no published policies. See the example in Section 1.6.8, Safe Arrays.

ObjectMatchList Query.EffectivePolicyList

Description:

Returns an array of PolicyInformation objects, one for each effective policy being enforced. The list can be empty when there are no published policies. See the example in Section 1.6.9, Object Match Lists.

JScript Example

Action.Trace(" ******** List Access ****** ");
var ret = Query.EffectivePolicyList;
for(var i = 0; i < ret.Count; i++)
{
    var pol = ret.Item(i);
    Action.Trace(" ******** Policy Information ********* ");
    Action.Trace("ID: " + pol.Id);
    Action.Trace("Version: " + pol.Version);
    Action.Trace("Name: " + pol.Name);
    Action.Trace("Type: " + pol.PolicyType);
    Action.Trace("Session: " + pol.Session);
}

VBScript Example

set obj = Query.EffectivePolicyList
max = obj.Count
For idx = 0 to (max - 1)
    Action.Trace " ******** Policy Information ********* "
    set pol = obj.Item(idx)
    Action.Trace "ID: " & pol.Id
    Action.Trace "Version: " + pol.Version
    Action.Trace "Name: " + pol.Name
    Action.Trace "Type: " + pol.PolicyType
    Action.Trace "Session: " + pol.Session
Next