Environment
- App Control Agent: 8.9.2+
- Microsoft Windows: All Supported Versions
Objective
Prevent repeated blue screens due to Policy Enforcement by Agents on endpoints.
Resolution
Warning: While in the Override (Visibility) the Agent will not enforce any Custom Rules or Bans until moved back into a Control Mode. |
- Log in to the Console and navigate to: https://ServerAddress/agent_config.php
- Click Add Agent Config and use the following details:
- Click Save.
Additional Notes
- This feature is disabled by default.
- This prevention can aid in the event a critical operating system process is being blocked due to an improper Custom Rule or File Ban.
- When the specified number of blue screens are detected, the Agent will move to a Visibility Policy, preventing further occurrences.
- Once the Agent starts successfully, a timer will move the Agent out of the Override after reaching the time specified in unsettled_enforcement_override_time_minutes
- By default, unsettled_enforcement_override_time_minutes is set to 10.
- A future Health Check will be introduced to alert on this override (EP-19497)
Related Content