I am trying to do some clean up and better management of our SEP environment. Currently we have our groups laid out in this fashion:
- Main company
- default group
- Our organization
(Under here are the individual server groups)
(Under here are the individual workstation groups)
Th issue I run into is that the individual groups do not inherit the policies of the parent (due to exceptions and such), so when I do have an exception that I need to apply to all devices, I have to go into every policy (Which currently sits at about 60) and add the exception in.
Is there a better way of managing the exceptions that apply to all devices, while still having the individual policies for application exceptions?