The Create Profile<\/strong> workflow lets IT administrators define a new configuration policy for any supported endpoint type. Profiles are modular, each profile is built around a single policy type (e.g., Firewall, BitLocker, Device Control), giving you precise, targeted control without bundling unrelated settings.<\/p>\n\n\n\n Typical Use Cases:<\/strong><\/p>\n\n\n\n At the top of the Profile Creation page, select the operating system platform for which you are creating the profile:<\/p>\n\n\n\n Note:<\/strong> Some profile types (e.g., BitLocker, Windows Update Policy) are available only on Windows. Platform-specific options will display based on your selection.<\/p>\n<\/blockquote>\n\n\n\n Click on the tile corresponding to the type of configuration you want to create. The available profile types for Windows are:<\/p>\n\n\n\n After selecting a profile type, you will be taken to the configuration form for that policy. Fill in the required settings. Each profile type has its own configuration fields. For example:<\/p>\n\n\n\n Example: Creating a Firewall Profile<\/strong><\/p>\n\n\n\n Example: Creating a BitLocker Profile<\/strong><\/p>\n\n\n\n Once your configuration settings are complete, you have two options:<\/p>\n\n\n\n Best Practice:<\/strong> Always save as Draft first and have a second administrator review the profile before publishing, especially for security-critical policies like Firewall or BitLocker.<\/p>\n<\/blockquote>\n\n\n\n After saving:<\/p>\n\n\n\n Every time you edit and republish a profile, Zecurit increments the version number<\/strong>. The version number is visible in both the Profiles list and within individual device profile association details. This allows you to:<\/p>\n\n\n\n Scenario:<\/strong> A company wants to ensure all new Windows laptops are configured with encryption, USB restrictions, and a hardened firewall before the device reaches the employee’s desk.<\/p>\n\n\n\n Steps:<\/strong><\/p>\n\n\n\n Scenario:<\/strong> The finance team should only be allowed to run approved financial software. All other applications should be blocked.<\/p>\n\n\n\n Steps:<\/strong><\/p>\n\n\n\n Scenario:<\/strong> IT needs to run a PowerShell script every Monday morning to collect compliance data from all endpoints.<\/p>\n\n\n\n Steps:<\/strong><\/p>\n\n\n\n <\/p>\n","protected":false},"featured_media":0,"parent":3016,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","doc_tag":[],"class_list":["post-3130","docs","type-docs","status-publish","hentry"],"comment_count":0,"_links":{"self":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/3130","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs"}],"about":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/types\/docs"}],"replies":[{"embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/comments?post=3130"}],"version-history":[{"count":1,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/3130\/revisions"}],"predecessor-version":[{"id":3132,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/3130\/revisions\/3132"}],"up":[{"embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/docs\/3016"}],"wp:attachment":[{"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/media?parent=3130"}],"wp:term":[{"taxonomy":"doc_tag","embeddable":true,"href":"https:\/\/zecurit.com\/help\/wp-json\/wp\/v2\/doc_tag?post=3130"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n
Step-by-Step: Creating a Configuration Profile<\/h2>\n\n\n\n
Step 1 : Navigate to Create Profile<\/h3>\n\n\n\n
\n
Step 2 : Select the Target Platform<\/h3>\n\n\n\n
\n
\n
Step 3 : Select the Profile Type<\/h3>\n\n\n\n
Profile Type<\/th> Purpose<\/th><\/tr><\/thead> BitLocker<\/td> Enforce disk encryption on endpoints<\/td><\/tr> Device Control<\/td> Manage USB, Bluetooth, and peripheral access<\/td><\/tr> Application Control<\/td> Allow or block specific applications<\/td><\/tr> Power Management<\/td> Define power and sleep schedules<\/td><\/tr> Deploy Script<\/td> Execute scripts on managed endpoints<\/td><\/tr> Deploy Software<\/td> Automate software deployment<\/td><\/tr> Firewall<\/td> Configure and enforce firewall rules<\/td><\/tr> User Management<\/td> Manage local users and groups<\/td><\/tr> Windows Update Policy<\/td> Control Windows Update behavior<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n Step 4 : Configure Profile Settings<\/h3>\n\n\n\n
\n
\n
Step 5 : Save as Draft or Publish<\/h3>\n\n\n\n
\n
\n
Step 6 : Verify in the Profiles List<\/h3>\n\n\n\n
\n
Profile Versioning<\/h2>\n\n\n\n
\n
Use Case Examples<\/h2>\n\n\n\n
Use Case 1 : New Employee Onboarding Security Baseline<\/h3>\n\n\n\n
\n
Use Case 2 : Department-Specific Application Policy<\/h3>\n\n\n\n
\n
Use Case 3 : Scheduled Script Execution for Compliance Audit<\/h3>\n\n\n\n
\n