Strategies for Organizing Computers and Policies into Groups

New Boundary Support
Install/Upgrade - General Information

Strategies for Organizing Computers and Policies into Groups


Policy Commander lets you organize computers into groups with similar requirements or having similar functions. Appropriate security polices are then assigned to the group and are enforced for computers within the group.


Likewise, you can organize related policies into groups. For example, you may have a group of policies designed to protect sensitive data.  Computers where data privacy is of utmost importance would be added to the group and would have the data privacy policies enforced.


Automatic Groups

By default, Policy Commander recognizes and automatically creates groups that reflect a computer’s Active Directory OU membership. For example, if your Active Directory domain is called, and computers in the Accounting, Sales, Marketing and Administration OUs are managed with Policy Commander, the Dashboard will automatically show the following group structure:








Note:  If you are not using Active Directory, turn off  “Use Active Directory Naming” option in the Communications Settings section of the Settings page.


Manual Groups

You can also manually create groups to organize computers and/or policies using other criteria, such as location, function, role, etc.


Below is an example of a group structure based on computer roles within the organization. For example, the “Auditors” group would contain the PCs used by auditors when they are on site. A certain set of policies would be added to this group, perhaps policies that would lock down access to various files or folders. 


Minneapolis Headquarters



            Customer Service


            Loan Officers



Rochester Branch


Customer Service

            Loan Officers  



Below is an example of a group structure based on policy content. For example, the “Best Practices – Disable Services” group could contain all the policies supplied by New Boundary Technologies for disabling various services. It could also contain other polices that you authored to disable other services. You would then decide which computers needed to be more secure by having services disabled, and you would add them to the group.


Production Policies

Best Practices – Data Protection Policies

            Best Practices – Disable Services

            NIST Windows XP Security Template Policies

            NIST Windows XP Security Policy Modules

            NIST Windows 2000 Security Template Policies

            NSA Security Template Policies

            Microsoft Security Template Policies


No matter what group structure you choose, you manage groups by adding computers and policies to them.

Also In This Category

On a scale of 1-5, please rate the helpfulness of this article

Not Helpful
Very Helpful
Optionally provide your comments to help us improve this article...

Thank you for your feedback!

Add Your Comments
Email Address:
RadEditor - HTML WYSIWYG Editor. MS Word-like content editing experience thanks to a rich set of formatting tools, dropdowns, dialogs, system modules and built-in spell-check.
RadEditor's components - toolbar, content area, modes and modules
Toolbar's wrapper  
Content area wrapper
RadEditor's bottom area: Design, Html and Preview modes, Statistics module and resize handle.
It contains RadEditor's Modes/views (HTML, Design and Preview), Statistics and Resizer
Editor Mode buttonsStatistics moduleEditor resizer
RadEditor's Modules - special tools used to provide extra information such as Tag Inspector, Real Time HTML Viewer, Tag Properties and other.
Verification Code:
Last Modified: 6 Years Ago
Last Modified By: New Boundary Support
Type: INFO
Article not rated yet.
Article has been viewed 3.1K times.
Customer Support Software By InstantKB 2015-2
Execution: 0.000. 8 queries. Compression Disabled.