How to Network Contain an Infected System with CrowdStrike Falcon
In this video, we will demonstrate how to network contain a system with CrowdStrike Falcon. This capability is also referred to as “network quarantine” or “network isolation” and is typically used by administrators to remove an infected (or possibly infected) system from the network. This removes the ability for malware to spread or for an attacker to move latterly across the network. With CrowdStrike Falcon, once a system is network contained, it can only make network connections to the CrowdStrike cloud infrastructure or to local IPs that are specified by the administrator. It is also possible to un-contain a system after the system is verified as clean.
- CrowdStrike Falcon Tech Center
- Request a CrowdStrike Falcon Endpoint Protection Demo
- Take the CrowdStrike Falcon Endpoint Protection Tour
- Register for Falcon Endpoint Protection Live Demo
- CrowdStrike Falcon Endpoint Protection
For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.Visit the Tech Center