Understanding Quarantined VMs and How to Manage Them

This topic covers aspects of the vGW Series quarantine feature. When a VM is quarantined as a result of a vGW AntiVirus, Compliance, or Image Enforcer scan, the VM is added to the Quarantine Policy group in the VM tree.

When a VM is added to the Quarantine Policy group, the quarantine policy that you configured using the Firewall module is applied to it. After a VM is quarantined, at any time, you can use the Main module Quarantine tab to manage it in various ways.

The Quarantine Policy group, the quarantine policy associated with it, and the Main module Quarantine tab cooperate to help you control and manage quarantined VMs. This topic includes the following sections:

About vGW Series Quarantine

The Quarantine Policy group belongs to the Policy Groups branch. Figure 90 shows that one quarantined VM has been added to the Quarantine Policy group.

Figure 90: Quarantine Policy in the VM Tree

Quarantine Policy in the VM Tree

Configuring a Quarantine Policy

The Firewall module allows you to configure policy rules, including configuring a quarantine policy. You use the Quarantine Policy page for this purpose.

Figure 91: Configuring a vGW Series Quarantine Policy

Configuring a vGW Series Quarantine Policy

To display the Quarantine Policy page:

  1. Select the Firewall module on the taskbar.
  2. Select the Quarantine Policy group.
  3. Configure the policy rules. For details on configuring policy rules, see Understanding the vGW Series Firewall Module.

Viewing the Quarantined VMs, Releasing Them From Quarantine, and Resolving Problems

The Main module Quarantine tab page displays a table that includes a row for each quarantined VM. You can display information for VMs quarantined as a result of vGW AntiVirus, Compliance, and Image Enforcer scans. You can display information for all quarantined VMs or VMs by scan category.

The table identifies the time the VM was quarantined and the reason for it. See Figure 92.

Figure 92: Main Module Quarantine Tab

Main Module Quarantine Tab

To view a quarantined VM in the quarantine table, resolve the problem, and remove it from quarantine:

  1. Select the Main module in the taskbar.
  2. Select the Quarantine tab.
  3. To remove the VM from quarantine, select the VM and click Un-Quarantine VM.
  4. Resolve the problem that caused the VM to be quarantined.

    Removing a VM from quarantine does not fix the underlying problem that caused the VM to be quarantined. A VM might be quarantined because of a compliance, image enforcer, or vGW AntiVirus violation.

    You can fetch the VM to resolve it offline or you can delete the VM.

Related Documentation