Note: To use this action you must configure a Profile action set for Active Response.
- Log in to the SMS from a client.
- Navigate to the Responder > Actions tab screen.
- On the Response Actions section do one of the following:
- Double-click the IPS Quarantine entry.
- Highlight the IPS Quarantine entry and click Edit.
- Highlight the IPS Quarantine entry, right-click and select Edit.
- Highlight the IPS Quarantine entry and from the top menu select Edit > Preferences.
- The Edit Response Action setup wizard displays.
- If you want to customize the Action Name, type a new name for the action. You cannot change the action type.
- Select Quarantine Settings tab and select one of the following options:
- Web Requests
- Select Block.
- Select Redirect to a web server. If you select Redirect, enter a web site to access.
- Select Display quarantine web page.
- Other Traffic- Select Block or Permit for the response to host traffic.
- Web Requests
- To allow quarantined hosts to access specific sites, select Quarantine Exceptions in the navigation tree and then click New to create a new listing or select an existing listing and click Edit.
- If you prefer another name for the action, enter the new Name.
- Enter the Address and select CIDR, IP Mask, or Any IP.
- Click OK.
- If you want to test this action, click Test.
- On the Edit Response Action screen, click OK. Add this action to a policy that specifies the values that trigger the response action.
Reference: SMS User Guide