Configuring exclusions from automatic network isolation

You can add network isolation exclusions for automatically isolated devices in policy properties or in device properties.

Exclusions from network isolation exclusions are not configured by default. If necessary, create exclusions to make sure devices critical to the corporate infrastructure can work without interruption.

You can configure exclusions from network isolation only if integrated with Kaspersky Industrial CyberSecurity Endpoint Detection and Response:

Configuring exclusions from network isolation in policy properties

In the Web Console, you can add and remove network isolation exclusions in the policy properties (Application settings → Detection and Response → Industrial CyberSecurity Endpoint Detection and Response → Configure exclusions link).

In the Exclusions window, you can click the buttons above the table to perform the following actions:

• Add information about the excluded network connection in one of the following ways:
  • Click Add and enter information about the network connection
  • Click Add from profile and select a network profile from the dictionary
• Delete information about a network connection by selecting the check box next to the network connection you want to delete and then clicking the Remove button.

Configuring exclusions from network isolation in device properties

Adding or removing network isolation exclusions in the device properties is not available if a policy is applied to the device.

To add or remove a network isolation exclusion in the device properties:

1. In the main window of the Web Console, select Assets (Devices) → Managed devices.

   The list of managed devices opens.

2. Select the administration group containing the necessary device. To do so, click the link in the Current path field above the list of managed devices and select an administration group in the window that opens.

   The list displays only the managed devices for the selected administration group.

3. Find your device in the list and click on its name.
4. This opens a managed device properties window; in that window, go to the Applications tab.
5. In the list of applications installed on the device, click the name of the Kaspersky Industrial CyberSecurity for Linux Nodes application.

   The application properties window opens.

6. This opens the application properties window; in that window, on the Application settings tab, select Detection and Response and click the Industrial CyberSecurity Endpoint Detection and Response link.
7. This opens a window; in that window, under Exclusions, click the Configure exclusions link to open the Exclusions window.
8. In the window that opens, use the buttons above the table to perform the necessary action:
   • If you want to add information about an excluded network connection, do so in one of the following ways:
     • Click the Add button and enter information about the network connection.
     • Click the Add from profile button and select a network profile from the dictionary.
   • If you want to delete information about an excluded network connection, select the check box next to the network connection that you want to delete and click Delete.
9. Click the OK button to save the changes you have made.

Page top