Disable or Enable All Protection Rules
Table of Contents
4.2 (EoS)
Expand all | Collapse all
-
- Set Up the Endpoint Infrastructure
- Activate Traps Licenses
-
- Endpoint Infrastructure Installation Considerations
- TLS/SSL Encryption for Traps Components
- Configure the MS-SQL Server Database
- Install the Endpoint Security Manager Server Software
- Install the Endpoint Security Manager Console Software
- Manage Proxy Communication with the Endpoint Security Manager
- Load Balance Traffic to ESM Servers
-
- Malware Protection Policy Best Practices
- Malware Protection Flow
- Manage Trusted Signers
-
- Remove an Endpoint from the Health Page
- Install an End-of-Life Traps Agent Version
-
-
- Traps Troubleshooting Resources
- Traps and Endpoint Security Manager Processes
- ESM Tech Support File
-
- Access Cytool
- View the Status of the Agent Using Cytool
- View Processes Currently Protected by Traps Using Cytool
- Manage Logging of Traps Components Using Cytool
- Restore a Quarantined File Using Cytool
- View Statistics for a Protected Process Using Cytool
- View Details About the Traps Local Analysis Module Using Cy...
- View Hash Details About a File Using Cytool
Disable or Enable All Protection Rules
If the endpoint protection security policy
is causing issues for endpoints in your organization, you can quickly
disable all active policy rules including the default policy rules.
Disabling protection effectively removes all restrictions and halts
the following tasks:
- Traps injection into all processes that run in the future
- Validation against WildFire
- Further data collection
Modifying security
policy rules while all protection is disabled has no effect until
protection is re-enabled.
After disabling protection and resolving
the issues, you can restore all the policy rules at the same time by
enabling all protection. (Enabling protection does not activate
rules that were previously deactivated.)
In a scenario where
you need to disable only a single rule or small group of rules,
you can individually select and deactivate those rules from the
rule management page specific to that rule type.
- From the ESM Console, select any rule management page, such as PoliciesMalwareRestrictions.
- Select the action menu .
![]()
- Do either of the following:
- To disable protection, select Disable All Protection. The ESM disables all rules and sends the updated security policy to the endpoints at the next heartbeat communication with the Traps agents.
- To enable protection, select Enable All Protection. The ESM re-enables all rules and sends the updated endpoint protection security policy to the endpoints at the next heartbeat communication with the Traps agents.
