Reference Guide
Security Management Server Virtual v10.2.11 AdminHelp
4. Enter a reason why the file should be listed as safe, and click Yes.
Note: Occasionally, a “good” file may be reported as unsafe (this could happen if the
features of that file strongly resemble those of malicious files). Waiving or safelisting
the file can be useful in these instances.
Edit Global List - Add or remove files from the global quarantine list.
1. Click Edit Global List.
2. Select the items to change.
3. Select Safe to add the selected items to the safelist, or select Remove from list to
remove the selected files from the Global Quarantine list.
Manually Add File to the Global Quarantine list
1. Click Edit Global List.
2. Click Add File.
3. Enter the file's SHA256 hash number (required).
4. Enter the file's MD5 number, if available.
5. Enter the file name, if available.
6. Enter the reason the file should be quarantined.
7. Click Submit.
View Threat Details - Click a threat name to display details of the threat details on a new page. Click
anywhere in the threat’s row to display the same threat details on the left side of this page, under the
table.
File Details
Details: [file name]
At the bottom of the page, this section displays details about the file that triggered an event. To display
this information, select the row that displays the file name in the Advanced Events table.
Click the file name next to Details: to display the same information about the event on a new page.
Overview
The overview contains summary information about the file.
Threat Indicators
Threat Indicators are observations about a file that has been analyzed.
These indicators help administrators understand the reason for a file’s classification and provide insight
into its attributes and behavior. Threat Indicators are grouped into categories.
Devices
In the Devices pane, the administrator can view a list of devices that have unsafe or abnormal files and
quarantine or waive them.
The device list can be filtered by file state: Unsafe, Quarantined, Waived, or Abnormal.
Waiving a file will allow that file to run on the device.
Detailed Threat Data
231