You can take preventive blocking measures on suspicious objects that may pose a security risk to your network using context menus on the Trend Micro Vision One console.
Adding an object to the User-Defined Suspicious Objects List does not terminate any active processes or connections to the object. To terminate active processes, ensure that you also trigger the Terminate response.
The Add to Block List Task screen appears.
Trend Micro Vision One can add the following types of objects to the User-Defined Suspicious Objects List on selected servers:
|
|
|
|
|
Trend Micro Vision One creates the task and displays the current command status on the Response Management app.
Pending approval () (if applicable): The automated response task was
created on the Workbench app and is waiting for approval
Rejected () (if applicable): The automated response task created on the
Workbench app was rejected
In progress... (): Trend Micro Vision One
sent the command to the managing server and is waiting for a response
Successful (): The managing server
successfully received the command
Unsuccessful (): An error or time-out occurred when attempting to
send the command to the managing server, the Security Agent is offline for more than 24
hours, or the command execution timed out
The Task Status indicates whether the managing server was able to successfully receive the command but does not necessarily mean that the target servers already synchronized the User-Defined Suspicious Objects List to all related products.
Adding an object to the User-Defined Suspicious Objects List does not terminate any active processes or connections to the object. To terminate active processes, ensure that you also trigger the Terminate response.