Configuring Security Risk Outbreak Prevention

When an outbreak occurs, enforce outbreak prevention measures to respond to and contain the outbreak. Configure prevention settings carefully because incorrect configuration may cause unforeseen network issues.

  1. Go to Agents > Outbreak Prevention.
  2. In the agent tree, click the root domain icon to include all agents or select specific domains or agents.
  3. Click Start Outbreak Prevention.
  4. Click any of the following outbreak prevention policies and then configure the settings for the policy:
  5. Select the policies you want to enforce.
  6. Select the number of hours outbreak prevention will stay in effect. The default is 48 hours. You can manually restore network settings before the outbreak prevention period expires.
    Warning:

    Do not allow outbreak prevention to remain in effect indefinitely. To block or deny access to certain files, folders, or ports indefinitely, modify endpoint and network settings directly instead of using Apex One.

  7. Click Start Outbreak Prevention.

    The outbreak prevention measures you selected display in a new window.

  8. Back in the Outbreak Prevention agent tree, check the Outbreak Prevention column.

    A check mark appears on endpoints applying outbreak prevention measures.

Apex One records the following events in the system event logs:

  • Server events (initiating outbreak prevention and notifying agents to enable outbreak prevention)

  • Security Agent event (enabling outbreak prevention)