This feature requires special licensing: Endpoint Detection & Response (EDR) Add-On
- Log in to the WFBS-SVC web console.
- Go to SECURITY AGENTS.
- Find the machine you want to isolate then click the endpoint name.
- The endpoint details will show. Click Task > Isolate Endpoint.
- Wait for the agent to receive the network isolation command.
- Once the agent is isolated, you will see the following changes on the web and agent console -
The endpoint name in the web console will have the disconnected icon:
The agent main console will have endpoint isolated icon:
Isolated endpoints lose network access and can only communicate with the Worry-Free Services server.
To allow network traffic between isolated endpoints and other management tools:
- Go to POLICIES > Global Security Agent Settings.
- Click Isolated Endpoints.
- To add an exception, click Add and specify the IP address, protocol, and ports.
- To edit an exception:
- IP addresses or ports: Click the IP address or port and update the setting.
- Protocols: Click the Protocol list and select a protocol.
- To delete an exception, click the trash icon.
- Click Save.
To restore the connection of the isolated endpoint, do the following:
- Find the isolated machine then click the endpoint name.
- The endpoint details will show. Click Restore Connection.
- Wait for the agent to receive the network restore command.
- Once the network of the isolated endpoint is restored, the network access will be back to normal.