Skip to content
Closed
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions defender-endpoint/respond-machine-alerts.md
Original file line number Diff line number Diff line change
Expand Up @@ -226,6 +226,7 @@ Depending on the severity of the attack and the sensitivity of the device, you m
- Exclusions, such as e-mail, messaging application, and other applications for both macOS and Linux isolation aren't supported.
- An isolated device is removed from isolation when an administrator modifies or adds a new `iptable` rule to the isolated device.
- Isolating a server running on Microsoft Hyper-V blocks network traffic to all child virtual machines of the server.
- Isolation restrictions are automatically lifted after a 7-days duration.
Comment thread
ShawnKupfer marked this conversation as resolved.
Outdated

The device isolation feature disconnects the compromised device from the network while retaining connectivity to the Defender for Endpoint service, which continues to monitor the device. On Windows 10, version 1709 or later, you can use selective isolation for more control over the network isolation level. You can also choose to enable Outlook and Microsoft Teams connectivity.

Expand Down
Loading