When an outbreak occurs, enforce outbreak prevention measures to respond to and contain the outbreak. Configure prevention settings carefully because incorrect configuration may cause unforeseen network issues.

Procedure

  1. Go to AgentsOutbreak Prevention.
  2. In the agent tree, click the root domain icon (icon-root.jpg) to include all agents or select specific domains or agents.
  3. Click Start Outbreak Prevention.
  4. Click any of the following outbreak prevention policies and then configure the settings for the policy:
  5. Select the policies you want to enforce.
  6. Select the number of hours outbreak prevention will stay in effect. The default is 48 hours. You can manually restore network settings before the outbreak prevention period expires.
    WARNING
    WARNING
    Do not allow outbreak prevention to remain in effect indefinitely. To block or deny access to certain files, folders, or ports indefinitely, modify endpoint and network settings directly instead of using Trend Micro Apex One.
  7. Click Start Outbreak Prevention.
    The outbreak prevention measures you selected display in a new window.
  8. Back in the Outbreak Prevention agent tree, check the Outbreak Prevention column.
    A check mark appears on endpoints applying outbreak prevention measures.
Trend Micro Apex One records the following events in the system event logs:
  • Server events (initiating outbreak prevention and notifying agents to enable outbreak prevention)
  • Security Agent event (enabling outbreak prevention)