cancel
Showing results for 
Search instead for 
Did you mean: 
Nacho
Level 7
Report Inappropriate Content
Message 1 of 6

rogue system dectection

Jump to solution

hello,

pls what does "exceptions" in rogue system detection actually indicate?

1 Solution

Accepted Solutions
tonyb99
Level 13
Report Inappropriate Content
Message 4 of 6

rogue system dectection

Jump to solution

In epo 4.5...

menu

automation

automatic responses

create a new response

in the event section choose rogue system events rather than epo notification ones

choose rogue system dectected as the type and then next

then add in filters

in OS platform for example you can exempt macintosh,novell,BSD,linux,printer etc etc

We for instance use a certain brand of IP phone so I filter on that organization

you can set response to just set them all as exceptions then add them to groups later from the RSD exceptions list in the interface or create lots of responses

5 Replies
tonyb99
Level 13
Report Inappropriate Content
Message 2 of 6

rogue system dectection

Jump to solution

The RSD sensors show every device they can find on the subnets they are on, including pc's, macs, printers, routers, black box devices etc

A lot of these devices are of no use within RSD as they cant take/don't need an agent so you can create exception categories and add these devices to these categories as exceptions they will now no longer fill up RSD as rogues. I use automatic responses based on the detection of a rogue system to move these devices into exceptions.

You can of course also add for instance pc's covered by another AV solution or other stuff like this too

Nacho
Level 7
Report Inappropriate Content
Message 3 of 6

rogue system dectection

Jump to solution

thanx tony,

its clearer now.but can you throw more light on this statement you made " I use automatic responses based on the detection of a rogue system to move these devices into exceptions." and how you do it

tonyb99
Level 13
Report Inappropriate Content
Message 4 of 6

rogue system dectection

Jump to solution

In epo 4.5...

menu

automation

automatic responses

create a new response

in the event section choose rogue system events rather than epo notification ones

choose rogue system dectected as the type and then next

then add in filters

in OS platform for example you can exempt macintosh,novell,BSD,linux,printer etc etc

We for instance use a certain brand of IP phone so I filter on that organization

you can set response to just set them all as exceptions then add them to groups later from the RSD exceptions list in the interface or create lots of responses

rogue system dectection

Jump to solution

Great explanation.

Even i could do that

Nacho
Level 7
Report Inappropriate Content
Message 6 of 6

rogue system dectection

Jump to solution

Tony thanks..you rock!....i did it as you said and it worked