In the Endpoint Detection and Response window, do the following if necessary:
Enable or disable the Endpoint Detection and Response component.
Configure the Network isolation settings for the user device:
Specify the delay for automatically turning off Network isolation.
Configure the Network isolation exclusions.
Enable or disable Execution prevention.
Select an action to be performed on execution or opening of forbidden object.
Create a list of Execution prevention rules.
Enable or disable Cloud Sandbox technology.
The Endpoint Detection and Response component combines automatic detection of threats with the ability to react to these threats to counteract advanced attacks including new exploits, ransomware, fileless attacks, as well as methods using legitimate system tools.
By default, Endpoint Detection and Response is disabled.