<< PREVIOUS  NEXT >>

MONITORING MODES

To modify the VSP Host Monitoring mode:

1. On the Host Monitoring page, click the below icon

   

2. Select all the required hosts and click Manage Monitoring Mode

   

3. Select the required option

   1. Protect – Processes and libraries (if library monitoring is enabled) that are not found in the process profile are suspended/blocked immediately. They are not acted upon until the user adds the detected errant process/library to the allowlist or deletes it on CMS.

      1. In cases where the errant process/library is added to the allowlist, the process/library is resumed

      2. In cases where the errant process/library is deleted from the allowlist, the process (or the process containing the errant library) is killed

      3. An un-allowlisted process on Windows is NOT allowed to execute

      4. Click Move to Protect Mode. Click YES on the confirmation screen

         

   2. Detect – Processes and libraries (if library monitoring is enabled) that are not found in the process profile are reported immediately to CMS.

      1. The processes/libraries are not stopped from executing

      2. If additional protection actions are configured in a protection profile, these actions are executed in response to a reported incident

      3. Click Move to Detect Mode. Click YES on the confirmation screen

         

   3. Disable – The selected host is NOT monitored. Click Disable Monitoring. Click YES on the confirmation screen

      

       

        NOTE:

        Protect, Detect or Disable options can be chosen for each host

       

4. Click CLOSE

   

<< PREVIOUS  NEXT >>