1 Reply Latest reply on Jul 8, 2014 4:45 AM by pierce





      Is there anyone out there running automation for their threats and intervention actions for those threats?  Here is what i am looking to do.  For instance, if a system is infected by critical malware (handled or not handled), to somehow push a firewall policy to that system based on a tagged rule.  How would that be automated?


      Thanks and feel free to give other ideas.

        • 1. Re: Automation

          Set up an automatic response to malware detection and tag the system with something like 'LockDownFirewall' Then have a policy assignment task to only apply your new policy to systems with the tags.


          Had a similar thing setup with see malware, tag system, tag kicks off a full scan.


          Once you get it all ironed out it should prove to be very useful in lots of situations!