Viewing policy groups

You can open a policy group to view the status of its policies and the list of devices that belong to it.

To view a policy group:

Log in to the Secure Endpoint Console as a user with View permissions for Policies.
On the navigation bar, click Policies > Policy Groups.

On the Policy Groups sidebar, click the policy group that you want to view. The policy group opens in the work area to show the following information:

Name and description of the policy group
<#> devices: the number of devices in the policy group
Click the link to view the policy group's devices.
Agent Version: the version of the Secure Endpoint Agent assigned to the policy group
Click the linked version number to open the Agent management page.
The agent version is always the current version unless automatic agent updates are disabled for your account in Agent Management. If your user role is granted Manage permissions for Version Control, you can click the agent version to go to the Agent Management page.
Offline Freeze Rule: indicates whether an activated Offline Freeze rule is assigned to the policy group.
Possible values are None, Active, and Inactive.
Policies area: shows the following information about each policy:
- The device platforms that are unsupported by the policy
  Hover over any platform icon to view more information.
- Current activation status (On/Off) of the policy
To view a description of each policy, click . To hide them again, click .
The Policies section may include policies that are not supported by the Absolute product licenses associated with your account. These policies can't be activated. See License upgrade required.

License Status area: shows the following information about the license validation status of each policy:

Last validated <date and time>: shows the date and time when the licenses assigned to the policy group's devices were last validated against an activated policy. For example, moving a device between policy groups automatically triggers license validation of the target policy group.
To rerun validation for all activated policies, click . The date value refreshes to the current date and time.

Each policy shows one of the following license validation indicators:

Indicator	Details
	All devices passed license validation The policy is activated on all supported devices.
Some devices require a license upgrade	Some devices passed license validation, and some did not The policy is activated on all validated and supported devices. To view information about the product (or products) required to activate the policy, click the (Help and Support) icon. A tooltip shows each product's respective counts of available licenses. To view the list of licensed devices that need a license upgrade before the policy can be activated on them, click Show devices. The policy's ineligible devices report opens to show the devices that lack the required license, or licenses. From this report, you can select one or more devices and click Change License to assign a license to the devices or Change Policy Group to move the devices to another policy group. Since policy activation is not supported on unlicensed devices, they are excluded from the license validation process. As a result, unlicensed devices are not listed on the policy's ineligible devices report. When unlicensed devices exist in your account, an orange banner showing the count of unlicensed devices is presented at the top of each console page. To open a report showing all unlicensed devices, click View devices in the banner. If required, you can contact Absolute Sales to purchase more licenses.
License upgrade required	Indicates that the policy is not supported by any of the product licenses currently associated with your account To activate this policy, you will need to contact Absolute Sales to upgrade your product licenses.

Indicator

Details

All devices passed license validation

The policy is activated on all supported devices.

Some devices require a license upgrade

Some devices passed license validation, and some did not

The policy is activated on all validated and supported devices.

To view information about the product (or products) required to activate the policy, click the (Help and Support) icon. A tooltip shows each product's respective counts of available licenses.
To view the list of licensed devices that need a license upgrade before the policy can be activated on them, click Show devices. The policy's ineligible devices report opens to show the devices that lack the required license, or licenses. From this report, you can select one or more devices and click Change License to assign a license to the devices or Change Policy Group to move the devices to another policy group.
Since policy activation is not supported on unlicensed devices, they are excluded from the license validation process. As a result, unlicensed devices are not listed on the policy's ineligible devices report.
When unlicensed devices exist in your account, an orange banner showing the count of unlicensed devices is presented at the top of each console page. To open a report showing all unlicensed devices, click View devices in the banner.

If required, you can contact Absolute Sales to purchase more licenses.

License upgrade required

Indicates that the policy is not supported by any of the product licenses currently associated with your account

To activate this policy, you will need to contact Absolute Sales to upgrade your product licenses.

To view the policy configurations that apply to this policy group, do one or more of the following:
- To view the current policy configurations for an Endpoint Data Discovery policy:
  1. Next to Endpoint Data Discovery, click Configure. The Configure EDD dialog opens showing the policy rules and scan schedule that are applied.
  2. Click Cancel to close the dialog.
- To view the current policy configurations for an Application Resilience policy:
  1. Next to Application Resilience, click Configure. The Application Resilience dialog opens showing the current policy configurations associated with a resilient application A third party application that is actively monitored by the Secure Endpoint Agent. This feature is available only when the Application Resilience policy is activated on a Windows device. Depending on the configuration of this policy, the agent may be able to repair the application if it's non-compliant, or reinstall it if it's missing., organized by activation status (Active/Inactive).
  2. Click to close the dialog.
- To view the current Custom Data data points assigned to the policy group:
  1. Next to Custom Data, click Configure. The Custom Data overview opens showing the assigned and unassigned data points.
  2. Click to close the overview.
- To view the current policy configurations for a Required Applications policy:
  1. Next to Required Applications, click Configure. The Required Applications dialog opens showing all current application policies, organized by assigned status (Assigned/Unassigned).
  2. Click to close the dialog.
- To view the current policy configurations for a Device Compliance policy:
  1. Next to Device Compliance, click Configure. The Device Compliance dialog opens showing the compliance conditions that are applied.
  2. Click Cancel to close the dialog.

If a icon shows to the left of the activation slider for the Playbooks policy, some devices in the policy group do not meet the system requirements for Playbooks. Learn more

If you have the Manage permission for Policies, you can:

Click a policy's activation slider (if available) to activate or deactivate the policy.
Update the policy group's properties.
Click to add devices to the policy group.
Click to delete a custom policy group. This option is not available in the Global Policy Group.