Quarantine rules for Fw | CS 14.02

Highlighted
Aspirant

Quarantine rules for Fw | CS 14.02

Hi everyone,

 

Does someone knows how to activate the use of the Quarantine Mode with CS 14.02?

 

Of course, 'Enable network quarantine' box is checked.

 

As no ruleset are defined by default with version 14.x, I try to create a custom 'Network Quarantine' profile... keeping exactly the same name as for the version 13...

but no way...

As soon as my F-Secure set my computer into quarantine, I can read in the interface this : Network Isolation. I was expecting to read 'Network Quarantine'.

And if I check the rules in the Windows Firewall (advanced mode), my custom profile is not applied at all.

 

Is it still possible to customize the ruleset in quarantine mode??

 

Vincent

1 ACCEPTED SOLUTION

Accepted Solutions
F-Secure
F-Secure

Re: Quarantine rules for Fw | CS 14.02

Hello Vincent,

 

> Is it still possible to customize the ruleset in quarantine mode??

No, it's not possible for 14 versions currently. We have a plan to implement this possibility, and most likely it will be available in the next version after 14.10.

 

Best regards,

Vad

View solution in original post

7 REPLIES 7
F-Secure
F-Secure

Re: Quarantine rules for Fw | CS 14.02

Hello Vincent,

 

> Is it still possible to customize the ruleset in quarantine mode??

No, it's not possible for 14 versions currently. We have a plan to implement this possibility, and most likely it will be available in the next version after 14.10.

 

Best regards,

Vad

View solution in original post

Aspirant

Re: Quarantine rules for Fw | CS 14.02

Hi everybody...

 

Still any news about this update?

We really need this functionnality. It's very important for us to be able to customize FW rules while being in quarantine mode.

 

Vincent.

F-Secure
F-Secure

Re: Quarantine rules for Fw | CS 14.02

Hello Vincent,

 

No more updates at the moment. Work is in progress, and the solution is expected in the next PM version (14.20).

 

Best regards,

Vad

Aspirant

Re: Quarantine rules for Fw | CS 14.02

Hi,

 

Today I installed PM 14.20.

There is a new option, named 'Network isolation'.

Is it this I have to use to define customized FW quarantine rules... Or is it simply a new option to isolate 'manually' some devices when an attack is suspected to occurs?

 

It's not clear for me... and I found very few informations on this topic until now...

 

I will greatly appreciate any advices...

 

Best regards,

 

Vincent.

 

 

F-Secure
F-Secure

Re: Quarantine rules for Fw | CS 14.02

Hello Vincent,

 

Network isolation rules are the firewall rules applied when a managed host gets isolated. It can become isolated either due to Network quarantine feature when certain criteria are not met, or get isolated manually by Policy Manager administrator using Operations > Network isolation > Isolate remote operation. The same isolation rules will be applied in both cases.

 

Best regards,

Vad

Aspirant

Re: Quarantine rules for Fw | CS 14.02

Hi Vad,

 

This is exactly what we were waiting for...

 

And it works perfectly...

 

Thank you. 

Aspirant

Re: Quarantine rules for Fw | CS 14.02

Hi _Vincent,

 

how do I configure F-secure so I can use Network Isolation on a host?

Í've tried

- Enable the firewall

- setting a network isolation rule

but when I go to Operations and select Isolate on the host, nothing seems to happen.

Any info on this would be welcome.

Thanks,

Klaas