Quarantine rules for Fw | CS 14.02

Hi everyone,

 

Does someone knows how to activate the use of the Quarantine Mode with CS 14.02?

 

Of course, 'Enable network quarantine' box is checked.

 

As no ruleset are defined by default with version 14.x, I try to create a custom 'Network Quarantine' profile... keeping exactly the same name as for the version 13...

but no way...

As soon as my F-Secure set my computer into quarantine, I can read in the interface this : Network Isolation. I was expecting to read 'Network Quarantine'.

And if I check the rules in the Windows Firewall (advanced mode), my custom profile is not applied at all.

 

Is it still possible to customize the ruleset in quarantine mode??

 

Vincent

Best Answer

  • VadVad Posts: 1,050 F-Secure Employee
    Accepted Answer

    Hello Vincent,

     

    > Is it still possible to customize the ruleset in quarantine mode??

    No, it's not possible for 14 versions currently. We have a plan to implement this possibility, and most likely it will be available in the next version after 14.10.

     

    Best regards,

    Vad

Comments

  • _Vincent__Vincent_ Posts: 14

    Hi everybody...

     

    Still any news about this update?

    We really need this functionnality. It's very important for us to be able to customize FW rules while being in quarantine mode.

     

    Vincent.

  • VadVad Posts: 1,050 F-Secure Employee

    Hello Vincent,

     

    No more updates at the moment. Work is in progress, and the solution is expected in the next PM version (14.20).

     

    Best regards,

    Vad

  • _Vincent__Vincent_ Posts: 14

    Hi,

     

    Today I installed PM 14.20.

    There is a new option, named 'Network isolation'.

    Is it this I have to use to define customized FW quarantine rules... Or is it simply a new option to isolate 'manually' some devices when an attack is suspected to occurs?

     

    It's not clear for me... and I found very few informations on this topic until now...

     

    I will greatly appreciate any advices...

     

    Best regards,

     

    Vincent.

     

     

  • VadVad Posts: 1,050 F-Secure Employee

    Hello Vincent,

     

    Network isolation rules are the firewall rules applied when a managed host gets isolated. It can become isolated either due to Network quarantine feature when certain criteria are not met, or get isolated manually by Policy Manager administrator using Operations > Network isolation > Isolate remote operation. The same isolation rules will be applied in both cases.

     

    Best regards,

    Vad

    etomcat
  • _Vincent__Vincent_ Posts: 14

    Hi Vad,

     

    This is exactly what we were waiting for...

     

    And it works perfectly...

     

    Thank you. 

    Vad
  • Hi _Vincent,

     

    how do I configure F-secure so I can use Network Isolation on a host?

    Í've tried

    - Enable the firewall

    - setting a network isolation rule

    but when I go to Operations and select Isolate on the host, nothing seems to happen.

    Any info on this would be welcome.

    Thanks,

    Klaas 

This discussion has been closed.