9.3.8 Controlling the network connections of devices in response to the evaluated security status
You can use action items in security policies to control the network connections of computers in response to the evaluated security status.
The controlling of network connections requires the monitoring of network segments where computers belong. For details about how to monitor network connections, see 8. Managing Network Connections of Devices.
- Tip
-
You can block or allow network connections by selecting Device Inventory and then Device List in the Inventory module, selecting a computer in the Device List view, and then using Action.
To block or allow the network connections of devices in response to the evaluated security status:
Take the following steps to block or allow network connections in response to the evaluated security status:
-
Display the Security module.
-
Select Security Policy and then Security Policy List. In the Security Policy List view, click the Edit button for the security policy assigned to the computer that messages should be sent to.
-
In the displayed dialog box, select Action Items and then Network Connection Control.
-
Click Enabled.
-
Specify the violation level for blocking network connections and the conditions for rejecting connections, and then click OK.
If the evaluated security status exceeds the violation level, computers are blocked from the network. If a computer is blocked from the network, contact the user of the computer and request the user to address the security issues. If the security status returns to normal and goes below the violation level, the network connection will automatically be allowed again.