🌙
 

Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Taegis Endpoint Agent Host Isolation Exceptions

integrations endpoints edr taegis agent secureworks


Use Host Isolation Exceptions to access Taegis™ XDR Endpoint Agents in an isolated state from an approved CIDR range. By default, endpoints in an isolated state are limited to agent-related traffic only; a CIDR exception rule allows additional network traffic to isolated endpoints within that range.

Note

Exceptions is only available for tenants with the Taegis Endpoint Agent.

To view Exceptions:

  1. From the Secureworks® Taegis™ XDR left-hand side navigation, select Endpoint Agents → Exceptions.
  2. The Exceptions table displays any exception rules currently configured.

Host Isolation Exceptions

Host Isolation Exceptions

Create a Rule

To create a new Host Isolation Exception rule, follow these steps:

  1. From the XDR left-hand side navigation, select Endpoint Agents → Exceptions.
  2. Select Create Rule from above the table.
  3. Complete the New Rule form with the following details:
    • Name of Rule — Enter a name for the rule.
    • Description — (Optional) Enter a description of the rule.
    • Rule Type — From the dropdown menu choose CIDR, currently the only option.
    • Rule Values — Enter one or more CIDR ranges for the endpoints you want to allow additional network traffic to flow to when isolated.
  4. Select Save. Your exception rule is added to the table.

Create Host Isolation Exception

Create Host Isolation Exception

You can now test access to an isolated host in the specified range for any additional troubleshooting needs on the endpoint, such as forensics, management, or deployment.

Edit a Rule

To edit a configured Host Isolation Exception rule, follow these steps:

  1. From the XDR left-hand side navigation, select Endpoint Agents → Exceptions.
  2. Select the desired Rule Name from the table. The Rule Details form displays.
  3. Edit the rule as needed and select Update when complete.

Edit Host Isolation Exception

Edit Host Isolation Exception

Delete a Rule

To delete a configured Host Isolation Exception rule, follow these steps:

  1. From the XDR left-hand side navigation, select Endpoint Agents → Exceptions.
  2. Select the desired Rule Name from the table. The Rule Details form displays.
  3. Choose Delete Rule from the bottom of the form and confirm your action.

Delete Host Isolation Exception

Delete Host Isolation Exception

 

On this page: