F-SECURE ANTI-VIRUS FOR MICROSOFT EXCHANGE 8.00 - Administrator's Manual - page 201
CHAPTER 6
201
6.3
Configuring Network Quarantine
Network Quarantine is an Internet Shield feature that makes it possible to
restrict the network access of hosts that have very old virus definitions
and/or that have Real-time Scanning disabled. Their normal access rights
are automatically restored once the virus definitions are updated and/or
Real-time Scanning is enabled again.
This section describes the Network Quarantine settings and contains an
example on how to enable the Network Quarantine feature in the
managed domain. There is also a short description of how to configure
the Network Quarantine security level by adding new firewall rules (see
“
Fine-Tuning Network Quarantine
”, 202).
6.3.1
Network Quarantine Settings
The network Quarantine Settings are located on the Firewall Security
Levels page. In the Network Quarantine section you can:
Enable or disable network quarantine.
Specify the virus definitions age that activates Network
Quarantine.
Specify whether disabling Real-Time Scanning on a host
activates Network Quarantine.
6.3.2
Enabling Network Quarantine in the Whole Domain
You can enable the Network Quarantine for the whole domain as follows:
1. Select Root in the Policy Domains tab.
2. Go to the Settings tab and select the Firewall Security Levels page.
3. Select Enable network quarantine.
4. Specify the Virus definitions age to activate network quarantine.
5. If you want to restrict the host from accessing the network when
Real-Time Scanning is disabled, select Activate network quarantine
on host when real-time scanning is disabled.