If there are machines on the network which you don’t want the EndPointSecurity agent to be deployed on, you may prevent these from being auto discovered every time by adding them in the console in a separate group and with no policy assigned. This way the machines will not use up a license and when auto discovery runs they will be skipped.
- Open the EndPointSecurity console and go to Configuration -> Computers
- Right click on the group ‘Not Controlled’ and select ‘Add computer(s)…’ *
- Select the machines which you do not want the agent to be deployed on and click on ‘Finish’
- Right click on the machines and select ‘Assign policy…’
- Select ‘(None)’ and click on ‘OK'
* Alternatively you may choose to create a new group by selecting ‘Create new computer group…’ under Common Tasks