Reference Guide

ManualsBrandsDell ManualsConverged InfrastructureData Guardian

251

252

253

254

255

256

257

258

259

260

Security Management Server v10.2.7 AdminHelp

241

3. Select Safe to add the selected items to the safelist, or select Remove from list to

remove the selected files from the Global Quarantine list.

Manually Add File to the Global Quarantine list

1. Click Edit Global List.

2. Click Add File.

3. Enter the file's SHA256 hash number (required).

4. Enter the file's MD5 number, if available.

5. Enter the file name, if available.

6. Enter the reason the file should be quarantined.

7. Click Submit.

View Threat Details - Click a threat name to display details of the threat details on a new page. Click

anywhere in the threat’s row to display the same threat details on the left side of this page, under the

table.

File Details

Details: [file name]

At the bottom of the page, this section displays details about the file that triggered an event. To display

this information, select the row that displays the file name in the Advanced Events table.

Click the file name next to Details: to display the same information about the event on a new page.

Overview

The overview contains summary information about the file.

Threat Indicators

Threat Indicators are observations about a file that has been analyzed.

These indicators help administrators understand the reason for a file’s classification and provide insight

into its attributes and behavior. Threat Indicators are grouped into categories.

Devices

In the Devices pane, the administrator can view a list of devices that have unsafe or abnormal files and

quarantine or waive them.

The device list can be filtered by file state: Unsafe, Quarantined, Waived, or Abnormal.

Waiving a file will allow that file to run on the device.

Detailed Threat Data

If the file has been uploaded for analysis, the Detailed Threat Data pane may display a comprehensive

summary of the static and dynamic characteristics of the file including additional file metadata, file

structure details, and dynamic behaviors such as files dropped, registry keys created or modified, and

URLs with which it attempted to communicate.

Note: If no results display in the Detailed Threat Data pane, the file has not yet been uploaded for

analysis. Debug logging may provide information about why the file was not uploaded.

Script Control Table

The table lists details about Active and PowerShell scripts that have been blocked or have triggered an

alert and the affected devices.