Quarantine rules for Fw | CS 14.02
Does someone knows how to activate the use of the Quarantine Mode with CS 14.02?
Of course, 'Enable network quarantine' box is checked.
As no ruleset are defined by default with version 14.x, I try to create a custom 'Network Quarantine' profile... keeping exactly the same name as for the version 13...
but no way...
As soon as my F-Secure set my computer into quarantine, I can read in the interface this : Network Isolation. I was expecting to read 'Network Quarantine'.
And if I check the rules in the Windows Firewall (advanced mode), my custom profile is not applied at all.
Is it still possible to customize the ruleset in quarantine mode??
> Is it still possible to customize the ruleset in quarantine mode??
No, it's not possible for 14 versions currently. We have a plan to implement this possibility, and most likely it will be available in the next version after 14.10.
Today I installed PM 14.20.
There is a new option, named 'Network isolation'.
Is it this I have to use to define customized FW quarantine rules... Or is it simply a new option to isolate 'manually' some devices when an attack is suspected to occurs?
It's not clear for me... and I found very few informations on this topic until now...
I will greatly appreciate any advices...
Network isolation rules are the firewall rules applied when a managed host gets isolated. It can become isolated either due to Network quarantine feature when certain criteria are not met, or get isolated manually by Policy Manager administrator using Operations > Network isolation > Isolate remote operation. The same isolation rules will be applied in both cases.
how do I configure F-secure so I can use Network Isolation on a host?
- Enable the firewall
- setting a network isolation rule
but when I go to Operations and select Isolate on the host, nothing seems to happen.
Any info on this would be welcome.