Creating a server-specific threat protection policy
Commented on a previous question, that I'm just getting started on CCA - and recently purchased a 25-license pack of the Advanced CC.
I need to slice up this 25-lic pack and parcel out different license quantities across 3 different customer accounts using TZ units. Right now I'm set up on MSW as a sole tenant under "my" company ID - of which the 25 CCA licenses - and all my client TZ's - are listed under my sole tenant ID.
I need to create separate policies specifically on various customer accounts - to manage the server-side installation of CCA. I need the snapshot feature disabled on "some" servers, but not every server.
I dug into the threat protection policy and see where you can disable snapshots - but I don't see where I can assign "Server Policy A" against "Customer Account A Server" - it looks to me with having "all" customer TZ units resident under my sole tenant ID, that any policy created is global in nature and will apply to all units under my tenant ID that have CCA licenses shared against any respective TZ unit.
Long way around, but do I need to create a separate tenant for each customer account - and transfer the respective TZ out of my tenant to this new customer-specific tenant ID - in order to get device-specific policies created?
I have a ticket currently open with support which had to be referred up the ladder, but I get the feeling they're slammed right now with the new version rollout, so posting here to see if I can get any assistance to get this project moving along.
Appreciate any assistance and TIA - B1N