Isolating and unisolating a device

Isolating a device blocks all internal and external network traffic to the device except for communication with the Management Console. This is useful when you want to disconnect a device that might be infected with malware from all networks and minimize the scope of the potential infection. You can also unisolate a device to restore it to all networks.

Note that to isolate or unisolate a device, it must be running PC Agent 9.0.36.40 or later, or Mac Agent 9.6.4 or later.

Best practices:

• To ensure that devices can be isolated and unisolated as quickly as possible, turn off the "Allow SecureAnywhere to be shut down manually" setting in your Policies. If Endpoint Protection is shut down on a device, the device cannot be isolated or unisolated until Endpoint Protection starts again.

• If you need to isolate a device, we recommend also disconnecting the device from any VPN. If a device might have malware, it should not be connected to a VPN.

To isolate a device:

1. In the process tree view, click Isolate Device.

2. The device will show that it is in Pending Isolation status, as denoted by a disabled button.

3. Once the Pending Isolation period is over, the device will show that it is Isolated.

To unisolate an isolated device:

1. In the process tree view, click Unisolate Device.

2. For a few moments, the device will show that it is in Pending Unisolation status.