Policy Proxy Server Responsibilities › How Policies are Distributed to Clients

How Policies are Distributed to Clients

Threat Management policies are pushed to client machines as follows:

1. Machines are discovered through the Discovery process or by a Phone Home policy.
2. The response from the node contains a hash of the local policies. If the hash of the policies does not match the hash of the policies set for the branch that the machine belongs to, the machine is flagged as requiring updated policies.
3. The CA TM cycles through the database and deploys policies to the nodes that require updating.
4. The policy deployment request is sent to the machine, typically through a Policy Proxy Server.

Due to potential communication timeouts when attempting to deploy policies, the number and types of machines assigned to a branch, and the branches assigned to a Policy Proxy server, can have a significant impact on performance.