About Actions and Remediation Methods

The following table describes the actions and remediation methods that Network VirusWall Enforcer can perform in response to policy violations.

Method

Target

Description

Monitor

Endpoint

Tags the endpoint as noncompliant and applies a more aggressive assessment schedule

Block

Endpoint

Blocks endpoint traffic until the next assessment

Redirect to URL

Web traffic

Opens a specified URL when a blocked or quarantined endpoint attempts to open a website; with this method selected, you can also specify:

  • Allow off-page navigation—select this option to allow endpoint users to follow links from the specified URL.

  • Link depth—this value serves as a limit to the number of links endpoint users can navigate away from relative to the specified URL. You can use this option to prevent unprotected endpoints from reaching harmful or compromised pages.

Quarantine

Endpoint

Blocks endpoint traffic until the endpoint is released through the console

Reject

Application- or protocol-specific packets

Prevents packets from passing and sends a reset packet (RST) to the source

Drop

Application- or protocol-specific packets

Prevents packets from passing

Clean up

Endpoint

Attempt to stop malware and remove its components from the endpoint
See also:

About Actions and Remediation Methods

About Policies

Adding a Policy