Isolate Endpoint Task

You can take remediation measures on user accounts that may pose a security risk to your network environment on the Trend Micro Vision One console.

  1. Locate the device that you want to take action on using the Zero Trust Secure Access or Zero Trust Risk Insights apps.
    • Zero Trust Secure Access: Go to the User Information screen.

    • Zero Trust Risk Insights: Go to the User Profile screen.

  2. Click the options icon () and Isolate Endpoint.

    The Isolate Endpoint Task screen appears.

  3. (Optional) Specify a description for the task.
  4. Click Create.

    Trend Micro Vision One creates the task and displays the current action status on the Access Control History screen.

    Trend Micro Vision One also creates the task and displays the current action status in the Response Management app.

  5. Monitor the task status.
    1. Click View task status in the success message that pops up in the lower right corner.

      The Remediation Logs tab on the Access Control History screen appears.

      You can also go directly to Access Control History > Remediation Logs, and locate the task using the search field.

    2. View the task status under Action status.
      • In progress... (): Trend Micro Vision One sent the command to the enforcement point and is waiting for a response

      • Successful (): The enforcement point successfully received and executed the command

      • Unsuccessful (): An error or time-out occurred when attempting to send the command to the enforcement point

      • Queued (): The server queued the task due to a high volume of requests or because the Security Agent was offline

      Note:

      The task status indicates whether the enforcement point was able to successfully receive and execute the command. It may take a few minutes for the process to complete.

    After resolving the risk issues on the isolated endpoint, you can restore network connectivity using the options icon () in the Zero Trust Secure Access or Zero Trust Risk Insights app.

    For more information, see Restore Connection Task.