Creating a network isolation rule

To create a network isolation rule:

  1. Select the Endpoint Agents section in the window of the program web interface.

    This opens the table of hosts.

  2. Select the host for which you want to enable or disable the network isolation rule.

    This opens a window containing information about the host.

  3. Click Isolate.
  4. In the Disable isolation in field, enter the time in hours (1 to 9999) during which network isolation of the host will be active.
  5. In the Exclusions to the host isolation rule settings group, in the Traffic direction list, select the direction of network traffic that must not be blocked:
    • Incoming/Outgoing.
    • Incoming.
    • Outgoing.
  6. In the IP field, enter the IP address whose network traffic must not be blocked.
  7. If you selected Incoming or Outgoing, in the Ports field enter the connection ports.
  8. If you want to add more than one exclusion, click Add and repeat the steps to fill in the Traffic direction, IP and Ports fields.
  9. Click Save.

The host will be isolated from the network.

You can also create a network isolation rule by clicking the Isolate <host name> link in the event information and in the alert information.

Users with the Security auditor and Security officer roles cannot create network isolation rules.

The network isolation feature is not available for hosts with Kaspersky Endpoint Agent for Linux.

See also

Adding an exclusion from a network isolation rule

Deleting a network isolation rule

Limitations that are relevant to network isolation

Page top