What happens to endpoints when a policy has no main rule condition specified?

When a policy has no main rule condition specified, the system processes all endpoints that fall within the defined scope of the policy. This behavior ensures that every endpoint is evaluated against the policy, allowing the enforcement actions to apply broadly. Policies are typically designed to manage endpoint behavior and compliance, so if there are no conditions limiting which endpoints get processed, it means that the policy is applicable to all of them.

In practical terms, this means that if the policy is intended to enforce security controls or gather information about endpoint compliance, it will do so regardless of the specific attributes or characteristics of the endpoints. This broad application can be beneficial, particularly in ensuring that no devices are inadvertently left out of important network security measures.