Adding an exclusion from a network isolation rule
To add an exclusion to a previously created network isolation rule:
- Select the Endpoint Agents section in the window of the program web interface.
This opens the table of hosts.
- Select the isolated host for which you want to create an exclusion from the network isolation rule.
This opens a window containing information about the host.
- Click the Add to exclusions link to expand the Exclusions for the host isolation rule settings group.
- Select the direction of network traffic that must not be blocked:
- Incoming/Outgoing.
- Incoming.
- Outgoing.
- In the IP field, enter the IP address whose network traffic must not be blocked.
- If you selected Incoming or Outgoing, in the Ports field enter the connection ports.
- If you want to add more than one exclusion, click Add and repeat the steps to fill in the Traffic direction, IP and Ports fields. Click Save.
The network isolation rule exclusion will be added.
You can use a proxy server to let Kaspersky Endpoint Agent for Windows connect to Kaspersky Anti Targeted Attack Platform. When you add this proxy server to exclusions, network resources that can be accessed through the proxy server are also added to exclusions. If network resources that are accessed through the proxy server are added to exclusions, but the proxy server itself is not, such exclusions do not work.
Users with the Security auditor and Security officer roles cannot create exclusions from a network isolation rule.
Page top