Quarantine Management
When Endpoint Security components (such as Forensics and Anti-Ransomware, Anti-Bot, Threat Extraction, and Threat Emulation) detect malicious files, it quarantines the files automatically based on the configured policy.
All components use the same Remediation service, which performs these actions:
-
Receives the request to quarantine a file.
-
Terminates the file's process, if running.
-
Encrypts the file and stores it compressed along with metadata in a protected folder.
Note:
Starting with E89.20 (Windows), the Remediation Manager for Administrators (AdminRemediationManagerUI.exe) is no longer included. It's functionality is integrated into the Endpoint Quarantine Manager.