Why a Process Is Still Isolated After It Was Whitelisted?
After you add a process to the whitelist, it will no longer trigger certain alarms, but its isolation will not be automatically canceled.
Isolating and Killing a Malicious Program
- Choose Installation & Configuration and click the Security Configuration tab. Click the Isolation and Killing of Malicious Programs tab and enable this function.
- Choose Detection > Alarms. In the Events area, manually isolate and kill malicious programs.
If a program is isolated and killed, it will be terminated immediately and no longer able to perform read or write operations. Isolated source files of programs or processes are displayed on the Isolated Files slide-out panel and cannot harm your servers.
Canceling the Isolation of Files
- Choose Detection > Events. In the Alarm Statistics area, click View Details under Isolated Files, and locate the target server and click Restore in the Operation column.
After you cancel isolation, the read/write permissions of files will be restored, but terminated processes will not be automatically started.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot