Configuring the duration of automatic network isolation

You can configure the duration of automatic network isolation only if integrated with Kaspersky Endpoint Detection and Response Optimum:

Network isolation of devices isolated by the IOC Scan task is automatically disabled after a certain length of time. You can configure this timeout in the Web Console in the device properties and in policy properties.

If a policy is applied to the device, the settings specified in the policy are applied; the automatic network isolation timeout cannot be configured in the device properties. If a policy is not applied to the device, the settings specified in the device properties are applied.

By default, the application disables network isolation 5 hours after it is enabled. With network isolation disabled, the device can operate on the network without restrictions.

Configuring the automatic disabling of network isolation in the device properties

To configure the automatic disabling of device network isolation:

1. In the main window of the Web Console, select Assets (Devices) → Managed devices.

   The list of managed devices opens.

2. Select the administration group containing the necessary device. To do so, click the link in the Current path field above the list of managed devices and select an administration group in the window that opens.

   The list displays only the managed devices for the selected administration group.

3. Find your device in the list and click on its name.
4. This opens a managed device properties window; in that window, go to the Applications tab.
5. In the list of applications installed on the device, click Kaspersky Endpoint Security.
6. In the application properties window that opens, on the Application settings tab, select Detection and Response and click the Endpoint Detection and Response Optimum link.
7. Under Network isolation, click Configure device unblocking.
8. In the Configure device unblocking window that opens, specify the device unblock settings.

   Device unblocking settings

   Setting	Description
   Unblock an automatically isolated device after:	This check box enables or disables automatic unblocking of an isolated device after the time period specified in the input field below. The check box is selected by default.

9. Save your changes.

Configuring the automatic disabling of network isolation in the policy properties

To configure the automatic disabling of device network isolation:

1. In the main window of the Web Console, select Assets (Devices) → Policies and policy profiles.

   The list of policies opens.

2. Select the administration group containing the devices to which the policy is applied. To do so, click the link in the Current path field in the upper part of the window and in the opened window, select an administration group.

   The list displays the policies configured for the selected administration group.

3. Click the name of the required policy in the list.

   The policy properties window opens.

4. In the policy properties window, select Application settings → Detection and Response → Endpoint Detection and Response Optimum.
5. Under Network isolation, click Configure device unblocking.
6. In the Configure device unblocking window that opens, specify the device unblock settings.

   Device unblocking settings

   Setting	Description
   Unblock an automatically isolated device after:	This check box enables or disables automatic unblocking of an isolated device after the time period specified in the input field below. The check box is selected by default.

7. Save your changes.

Page top