Quarantine will prevent all communications except those to the Tachyon server(s). This allows a Tachyon administrator to investigate and remove possible malicious software on the device.
Devices that have been quarantined will only be able to contact Tachyon. CRL checks must be set to soft. Certificate expiry can cause the Tachyon client to fail to connect to the switch. If a Tachyon client is no longer connected to Tachyon after quarantine, it will remain in quarantine. Please use with care, and please read this documentation carefully before use.
If the Tachyon Server has 1E Client installed (with Tachyon client features enabled) then it is possible to quarantine Tachyon Server like any other device. Therefore please exercise caution before using this feature, and avoid targetting the server.
You either need to load the 1E-Explorer-TachyonCore.zip file into Tachyon or download the quarantine product pack from the Tachyon Exchange and then define an Instruction set for the instructions. We recommend that you create an instruction set specifically for the quarantine instructions and permission this separately, for that you'll need to define a custom role and assign at least one management group to the role, for more details please refer to Instruction sets, Tachyon Exchange and custom roles - tutorial. The quarantine instructions are described in the following table:
|Are my devices quarantined? Warning: Please read the description before use.||This question returns a list of devices.|
|Quarantine selected devices. Warning: Please read the description before use.||This action quarantines all the devices in the scope of the action. Do not run this action without restricting the coverage to the devices you want to quarantine.|
|Release selected devices from quarantine. Warning: Please read the description before use.||This action releases all the devices in the scope of the action from quarantine.|
As you can see there is a warning attached to the name of each instruction. Quarantine is a powerful solution for use in extreme circumstances and should be used with care. We therefore recommend that Actioner permissions associated with the instruction set defined to contain the quarantine instructions should be assigned only to specific users. Users with Actioner permissions to use the quarantine instructions should also be warned that the instructions must be used carefully.