Isolating and Killing Malicious Programs
HSS automatically isolates and kills identified malicious programs, such as web shells, Trojans, and worms, removing security risks.
Programs are isolated and killed based on their confidence ratings. High confidence indicates a high probability that the detected program is a malicious program. To avoid mistakenly stopping trustworthy programs and affecting services, only the suspicious programs with high confidence are automatically isolated and killed. You can manually isolate and kill programs with low confidence. For details, see Handling Server Alarms.
Isolating and Killing Malicious Programs
- Log in to the management console.
- Click in the upper left corner of the page, select a region, and choose Security > Host Security Service. The HSS page is displayed.
- Choose Installation & Configuration > Server Install and Config and click the Security Configuration tab. Click the Isolation and Killing of Malicious Programs tab and enable Isolate and Kill Malicious Programs and Malware Cloud Scan.
Note: After the cloud scan function is enabled, all HSS servers will be scanned. Some HSS quota editions can support only limited scanning capabilities. Therefore, you are advised to enable the enterprise edition or higher to enjoy all capabilities of the isolation and killing function.
- In the confirmation dialog box, click OK to enable the isolation and killing of malicious programs and malware cloud scan.
Automatic isolation and killing may cause false positives. You can choose Detection & Response > Events to view isolated malicious programs. You can cancel the isolation or ignore misreported malicious programs.
Notice:
- When a program is isolated and killed, the process of the program is terminated immediately. To avoid impact on services, check the detection result, and cancel the isolation of or unignore misreported malicious programs (if any).
- If Isolate and Kill Malicious Programs is set to Disable on the Isolation and Killing of Malicious Programs tab, HSS will generate an alarm when it detects a malicious program.
To isolate and kill the malicious programs that triggered alarms, choose Detection & Response > Events and click Malicious program.