Policy Enforcement > Add Policy (Step 6: Threat Mitigation Rules)
Threat mitigation rules define how Threat Discovery Appliance (TDA) detections are handled. Network VirusWall Enforcer and the agent can quarantine noncompliant endpoints.
In this screen, you can specify the following policy options:
Enable Threat Mitigation—select this check box to use threat mitigation features.
Monitor endpoints—select this option allow packets from the endpoint to pass. Once monitored, endpoints are considered noncompliant. You can specify a different reassessment schedule for monitored endpoints.
Quarantine endpoints—select this option to prevent endpoints with threats from accessing the network.
Send policy violation data to syslog—select this option to send a log entry to syslog whenever one of the assessment criteria returns a match.
Notify endpoints about policy violations—select this option to display popup notifications on endpoints that violate this section of the policy.