Quarantining VMs

When a VM should no longer be able to communicate with the rest of the network, it can be placed into quarantine. Once a VM is quarantined, its network interfaces are disconnected and it can't connect to any network until the quarantine has been cleared. Even if a user reconfigures the VM so that its network adapter is connected, Commander will continue to enforce the quarantine: Commander will instantly detect a network access attempt and force a disconnect.

This is true even when a policy has automatically quarantined a VM. For example, if you had a compliance policy set to quarantine VMs without the custom attribute SOX Applicable set, setting a value for SOX Applicable won't clear the quarantine. A user must still clear the quarantine, or it remains in effect, even if the policy which placed the VM into quarantine is deleted.

The quarantine state for a VM is displayed in the Infrastructure pane under the Summary tab.

Access through:

Views menu > Infrastructure or Applications

Available to:

Administrator, Operator with Approval Access Rights

To place a VM in quarantine or remove it from Quarantine:

  1. Right-click a VM and select one of the following:
    • Policy Enforcement > Quarantine VM
    • Policy Enforcement > Unquarantine VM
  2. Click OK.