|In Guaranteed State for Tachyon 4.0 a rule cannot be edited once it has been saved. This is because a rule may have been associated with an active policy and changing it subsequently could have undesirable effects. However you can clone an existing rule and then edit the cloned rule to create a changed rule if you wish. To clone a rule, select it from the Guaranteed State→Administration→Rules page and then press Clone.|
For a policy to become effective, it must be deployed. Policies are deployed by pressing the Deploy button from the policies view in the administration section of Guaranteed State.
Note that deployment affects all visible policies that are enabled. You can enable or disable a policy from this screen by selecting it and then pressing the Disable or Enable button (which will change caption as appropriate based on the current state of the policy).
If a policy is deleted, then pressing Deploy will also cause any endpoint that receives the deployment to remove the policy and to cease to enforce it.
If a policy is disabled, then pressing Deploy will also cause any endpoint that receives the deployment to remove the policy and to cease to enforce it.
If the policy is subsequently re-enabled, then the next time Deploy is pressed, it will be sent out again and become effective.
In this initial release of Guaranteed State, you are prompted to deploy a policy as soon as you create it. However, deploying a new policy where any of the following is true will not result in any action being taken at the endpoints:
However, once a policy has been deployed, re-deploying the policy will always affect the endpoints to which the policy was previously deployed. In the case where a re-deployed policy meets any of the above criteria, it will cease to be effective at the endpoints
If the change removes a policy from any management groups, endpoints affected by this change WILL receive a policy update. For example, suppose you had a policy P1 assigned to management group MG1 and you then re-target P1 to management group MG2 instead and re-deploy it. All the endpoints which ever received policy P1 previously will have that policy removed if they now fall outside management group MG2.
The distribution of policies to endpoints is staggered. The stagger period associated with this activity is designed to avoid excessive network traffic. It is not related to the agent stagger parameter which is defined during agent installation.
We can also confirm that the policy was downloaded and applied at the endpoints by examining the Tachyon agent log on the endpoint. Here we see that the policy was downloaded and successfully applied
If we now start the registry editor on the endpoint, we can see that the key and value exist.
Having done this you can now click the Explore button. This launches the standard Tachyon Explorer page but note that the device coverage for any question or action has been set automatically.
Please refer to Using Explorer to investigate devices in Guaranteed State.