Hello, could someone give a recommended configuration for a Rule Assignment & action enforcement because the product shows a pop up so often in the client computer and this butters them, but we want to be protected.
In addition, when you have a nice list of files and certificates in your TIE Reputations, you should go ahead and see if there are any malicious files. If there are, check them to see if they are actually malicious (as to avoid unintentional blocking of those) and classify with an enterprise reputation accordingly. Then, uncheck Observe Mode and block at Might Be Malicious (you may want to test this on a subset of your systems). It's up to you to decide what to do with Known Malicious files, you could delete them. Careful to not block unknowns unless you're sure of the effects that will have.