Views:

To perform file updates on endpoints, users can configure Maintenance Mode to define a period when the agents allows all file executions and adds all files that are created, executed, or modified to the Approved List. The agents can learn the newly-added applications and ensure the execution of these applications are under the protected conditions.

Furthermore, during the maintenance period, all newly-added files can be updated and scanned for consistent security. Users can also define the action to take after suspicious files are detected.

Important:
Before using Maintenance Mode, apply the required updates on the following supported platforms for StellarProtect (Legacy Mode) agents:

  • For Windows 2000 Service Pack 4, apply the update KB891861 from the Microsoft Update Catalog website.

  • For Windows XP SP1, upgrade to Windows XP SP2.

Note:

  • If users change the policy settings of Application Lockdown, OT Application Safeguard, Real-Time Malware Scan, and Anti-malware Scanning during maintenance period, the policy settings will not be implemented until the maintenance period is ended.

  • During the maintenance period, you cannot perform agent patch updates on endpoints. In addition, the StellarProtect (Legacy Mode) agent does not support Windows updates that require restarting an endpoint during the maintenance period.

  • To run an installer that deploys files to a network folder during the maintenance period, StellarProtect (Legacy Mode) must have access permission to the network

  1. Go to Agents > All.
  2. Click the All group on the Agents screen. The Agents screen displays a list of agents managed by StellarOne.
  3. Select one or more endpoints (agents or groups) by clicking the checkboxes next to them.
  4. Click the Protection button from the Tool Bar at the top of the Agents screen.
  5. A pop-up window appears. Click the Configure Maintenace Mode option.
  6. Click Confirm.
  7. The configuration window appears. Please read the notice carefully before you check the Disable or Enable radio button.

    • Click Disable > OK to end Maintenance Mode. This will cancel the scheduled maintenance period on endpoints.

      1. A warning message appears. Please read carefully before proceeding to next step.
        Important:

        If the Maintenance Mode is ended, the endpoint will start blocking the execution of files that are not recognized by the Application Lockdown and OT Application Safeguard.

      2. Click OK to end Maintenance Mode. A pop-up window appears showing the deployment status of stopping Maintenance Mode on endpoints.

    • Click Enable to start the Maintenance Mode settings. Please go to Step 8 for next procedure.

      Important:

      To reduce risk of infection, run only applications from trusted sources on endpoints during the maintenance period.

  8. The schedule configuration window appears. Do one of the following for scheduling Maintenance Mode.
    Note:

    • Agents can start one scheduled maintenance period at a time. If users configure a new maintenance period, the system overwrites the existing maintenance schedule that has not started yet.

    • When the agent is about to leave Maintenance Mode, restarting the endpoint prevents StellarProtect (Legacy Mode) from adding files in the queue to the Approved List.

    • Click the Schedule radio button, and then click the edit icon to select the start date and specify the start time for Maintenance Mode. After that, specify the duration of the maintenance period in Maintenance Mode will be ended after.

    • Click the Start now radio button, and then specify the duration of the maintenance period in Maintenance Mode will be ended after.

  9. A Scan toggle switch is added at the bottom and is set enabled by default.
    Note:

    If users disable scan feature in the policy settings, it is advisory to enable scan feature here during maintenance period to ensure seamless protection. After maintenance period ends, the system will follow the original policy settings (in which the scan feature is disabled).

  10. Select one of the actions to take if suspicious files are detected during scanning:

    • Quarantine detected files

    • Add detected files to Approved List

  11. Click OK to deploy the settings to the selected agents or groups.
  12. The Command Deployment window appears showing the deployment status. Click the Close button to close the window.
Parent topic: Protection