Sangfor Community»Categories Products Endpoint Secure How to unquarantine files from ES MGR

How to unquarantine files from ES MGR

views: 5556 | comments: 5 | added to Favorites 0
Lights on | 提示:支持键盘翻页<-左 右->
    组图打开中,请稍候......
Created: 02 Jun 2022 15:40

Summary:

Hi guys, 1.How do we un quanrantine or restore files from the endpoint secure manager after we did an action "fixed" ? Below is screenshot from admin logs that show quarantine files.

Reply

Mei Ying Posted 28 Jun 2022 18:52

After performing "fixed" action, you can view the "fixed" security event by going to Response > Threat Response > Security Events > Fixed. Select the security event you wish to restore or unquarantine, then click "Restore", so it will restore to the file location.

FYI, Sangfor ES will quarantine malicious events, but will not automatically delete the files (including malware, virus, etc), until user selects a security event and click "Delete".
Faisal P Posted 16 Jun 2022 15:16
You can configure traffic profiles and traffic rules in traffic policy view. A traffic profile specifies the guaranteed bandwidth and maximum bandwidth.
regidorreyes Posted 16 Jun 2022 15:08
Viruses, Malwares like the activator will be deleted instantly and will not be quarantined so you have no option to unquarantine it. That is the behavior of Sangfor ES and only the not so malicious will be quarantined.

In order to  repair it,  go to the security event tab, then  click the quarantine file and click "repair" then wait a few minutes to complete
jetjetd Posted 14 Jun 2022 19:03
It will be deleted once you click to fix it since it is an activator and the appliance will threat it as malware.
rivsy Posted 14 Jun 2022 15:45
To repair it click the security event, then on the security events tab click the quarantine file and click "repair" and wait until status is complete
Please see below picture for diagram

mgr1.png (122.23 KB, Downloads: 708)

mgr1.png

mgr2.png (126.85 KB, Downloads: 703)

mgr2.png