Posted on

Best practice for Exceptions

I need a solution

I am trying to do some clean up and better management of our SEP environment. Currently we have our groups laid out in this fashion:

- Main company

       - default group

- Our organization

      - Servers

             (Under here are the individual server groups)

       - Workstations

             (Under here are the individual workstation groups)

Th issue I run into is that the individual groups do not inherit the policies of the parent (due to exceptions and such), so when I do have an exception that I need to apply to all devices, I have to go into every policy (Which currently sits at about 60) and add the exception in.

Is there a better way of managing the exceptions that apply to all devices, while still having the individual policies for application exceptions?