Configuring Security Risk Outbreak Prevention
When an outbreak occurs, enforce outbreak prevention measures to respond to and contain the outbreak. Configure prevention settings carefully because incorrect configuration may cause unforeseen network issues.
- Go to Agents > Outbreak Prevention.
- In the agent tree, click the root domain icon () to include all agents or select specific domains or agents.
- Click Start Outbreak Prevention.
- Click any of the following outbreak prevention policies and then configure the settings for the policy:
- Select the policies you want to enforce.
- Select the number of hours outbreak prevention will stay
in effect. The default is 48 hours. You can manually restore network
settings before the outbreak prevention period expires.
Do not allow outbreak prevention to remain in effect indefinitely. To block or deny access to certain files, folders, or ports indefinitely, modify endpoint and network settings directly instead of using OfficeScan.
- Accept or modify the default agent notification
To configure OfficeScan to notify you during an outbreak, go to Administration > Notifications > Outbreak.
Click Start Outbreak
The outbreak prevention measures you selected display in a new window.
- Back in the Outbreak Prevention agent tree,
check the Outbreak Prevention column.
A check mark appears on endpoints applying outbreak prevention measures.
OfficeScan records the following events in the system event logs:
Server events (initiating outbreak prevention and notifying agents to enable outbreak prevention)
OfficeScan agent event (enabling outbreak prevention)