Policy merging is a new feature in SCEP that allows you to combine two or more SCEP policies into one new policy. This is useful for consolidating polices, and for keeping your list of available policies to a more manageable size.
In order to complete this recipe, you'll need to utilize an account that has at least the Endpoint Protection Managers role assigned to it.
Follow these steps:
- Log into your SCCM CAS server and launch your SCCM 2012 management console.
- Navigate to
Assets and Compliance|Overview|Endpoint Protection|Antimalware Policies. - From the Antimalware Policies list, select the first policy of the group that you're planning to merge and hold down the control key on your keyboard.
- Select the second policy you are planning to merge and click on the Merge button at the top of the user interface.
- The Merge Policies window should appear and verify that all the policies you wish to merge are included in the list.
- Enter a name in the New Policy Name field. In the Base Policy field, select the policy that you believe most closely resembles what you envision the final product to look like. Click on OK to proceed, as shown in the following screenshot:
- The new merged policy should now appear in Antimalware Policies list.
The logic that drives what settings will make it into the newly created merged policy is fairly simple. All the settings that are in the policy you've selected as the base will make it into the new policy. If there are any conflicts between the two policies, the settings in the policy that was selected as the base policy will win. Any settings that are in the secondary policy and not in the base policy will be added to the new merged policy.