ESET Online Help

Search English
Select the category
Select the topic

Isolate Computer From Network

The Isolate Computer From Network task isolates the selected computers from the network and all connections, except those needed for correct operation of ESET products, will be blocked. The allowed connections include the following:

computer obtains an IP address

communication of ekrn.exe, ESET Management Agent, ESET Inspect Connector

login to a domain

note

Network isolation is available for:

Windows—ESET Endpoint Antivirus/Security and server security products.

macOS—ESET Endpoint Security for macOS version 8 and later.

warning

Network isolation will likely interrupt the normal operation of the computers and you should use it in emergency cases only (e.g. if a severe security issue is identified on a managed computer). You can end the isolation with a client task.

note

Set network isolation exclusions via a policy

You can use a policy to allow specific communication to bypass the network isolation:

1.Navigate to Policies > New policy > Settings > select ESET Endpoint for Windows.

2.Select Protections > Network access protection > click Edit next to Custom exclusions for network isolation (client task). The setting is available only for ESET Endpoint Antivirus/Security for Windows version 12.0 and later.

3.Click Add to add the custom exclusion:

Description—Type the exclusion description.

Remote IP address—Specify a single IP address to be allowed (excluded from isolation).

Target port—Specify a port through which the defined IP address can communicate. If left empty, communication will be allowed through any port or protocol.

The allowed communication is bidirectional.

4.Save the settings, assign the policy to the desired computers running the supported ESET security product and click Finish.

Select one of the following options to create a new Client Task:

Click Tasks > New > add_new_defaultClient Task.

Click Tasks > select the desired task type and click New > add_new_defaultClient Task.

Click the target device in Computers and select icon_tasks Tasks > add_new_defaultNew Task.

Basic

In the Basic section, type basic information about the task, such as a Name and Description (optional). Click Select tags to assign tags.
In the Task drop-down menu, select the task type you want to create and configure. If you have selected a specific task type before creating a new task, Task is pre-selected based on your previous choice. Task (see the list of all Tasks) defines the settings and the behavior for the task.

note

Settings are not available for this task.

Summary

Review the summary of configured settings and click Finish. The Client Task is now created, and a small window will open:

Click Create Trigger (recommended) to specify Client Task Targets (computers or groups) and the Trigger.

If you click Close, you can create a Trigger later—Click the Client Task instance and select restart_default Run on from the drop-down menu.

client_task_finish

You can see the progress indicator bar, status icon and details for each created task in Tasks.