Software Policies

Name: Breeze RMM
Author: LanternOps, LLC.

Define what software belongs on your endpoints — and automatically enforce it.

Allowlist Blocklist Audit Mode Auto-Remediation Winget

Policy modes

15 min

Check cycle

500

Max remediation targets

Remediation statuses

Included — competitors lack native allowlist and auto-enforcement

Software Policies give operators control over what is installed across managed endpoints — with continuous compliance monitoring and automated remediation that closes violations without manual intervention.

Three Enforcement Modes

Breeze supports allowlist mode (only approved software permitted), blocklist mode (specific software prohibited), and audit mode (detect without enforcing). Teams can start in audit mode to understand their fleet baseline before switching to enforcement, eliminating surprises when policies go live.

Continuous Compliance Monitoring

Compliance checks run automatically every 15 minutes against the live software inventory for every targeted device. When a violation is detected — unauthorized software present, or required software missing — Breeze updates the compliance record immediately and can trigger remediation without waiting for the next manual review.

Automated Uninstall

For blocklist and allowlist violations, Breeze can automatically uninstall unauthorized software through native Windows Package Manager (winget) integration. Grace periods and cooldown windows give operators control over remediation timing, while preventing rapid repeated attempts on the same device.

Version Range Enforcement

Rules support minimum and maximum version constraints, not just application names. Teams can block outdated versions of critical software, ensure specific release ranges are maintained across a fleet, and enforce vendor-mandated version requirements without building custom scripts.

Fleet-Wide Compliance Overview

Breeze aggregates per-device compliance status into a single fleet view showing how many devices are compliant, in violation, or not yet evaluated. Drill into specific policies or specific devices to see exactly which software triggered a violation and what remediation action was taken.

Full Audit Trail

Every policy creation, compliance check, and remediation action is recorded with the actor, timestamp, and outcome. This supports internal governance reviews and provides the documentation MSPs need when clients ask about software control on their managed devices.

Capabilities

Three Enforcement Modes

Allowlist restricts to approved software, blocklist bans specified apps, and audit detects without enforcing.

Automated Compliance Checks

BullMQ workers evaluate device inventories against policy rules every 15 minutes with on-demand trigger support.

Auto-Remediation with Cooldown

Violations can trigger automatic uninstall with configurable grace period and cooldown between attempts.

Winget Integration on Windows

Install and uninstall operations run through user-context IPC to the Windows Package Manager for silent operation.

Deploy Now Cloud Waitlist ← All Features