Configuring network isolation exclusions

You can configure exclusions:

• In the policy properties
• In the device properties

Network connections that are covered by the configured rules remain unblocked on the device after network isolation is enabled.

By default, network profiles consisting of rules that ensure uninterrupted operation of devices with the DNS/DHCP server and DNS/DHCP client roles are excluded from network isolation.

Exclusions defined in policy properties are applied only if network isolation is automatically enabled by the application as a result of reacting to the detection of indicators of compromise (IOC).

Exclusions defined in device properties are applied only if network isolation is manually enabled in the device properties or in the alert details window.

An active policy does not prevent the network isolation exclusions defined in the device properties from being applied.

You can view the list of network isolation exclusions:

• In the policy properties (Application settings → Detection and Response → Endpoint Detection and Response Optimum → Exclusions link)
• In the device properties (Assets (Devices) → Managed devices → <device name> link → <name of the Kaspersky Endpoint Security 12.1 for Linux application> link → Application settings → Detection and Response → Endpoint Detection and Response Optimum → Exclusions link)
• in the command line

In this section Adding or removing network isolation exclusions in policy properties in the Web Console Adding or removing a network isolation exclusion in device properties The network isolation exclusion adding window The Network profiles dictionary window

Page top