make sure that a Host ID is associated with a device by creating
a security policy rule that has
in order to add the Host ID. Without a Host ID, you cannot add a
device to the quarantine list.
The following example
a severity of critical. After you add this profile to a security
policy and these criteria are matched, the firewall adds devices
from where this traffic originated to the quarantine list.
you add the match list, the log forwarding profile displays
, then select the
profile you created.
To automatically quarantine a device using HIP Match
log settings, select
log setting with a
The following log setting has a
with a host ID of
If the HIP Match logs find a match for that host ID, this log setting
adds that device to the quarantine list. Unlike a log forwarding
profile, you do not need to attach this log setting to a security
policy for it to take effect.