Feature Request: The ability to automatically quarantine hosts where the Agents are not up to a specific version (Ideally N-1,2)

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Feature Request: The ability to automatically quarantine hosts where the Agents are not up to a specific version (Ideally N-1,2)

L0 Member

I believe that right now, the only way to do this would be from the action center and filter via Agent Version and manually quarantine each host that is on an EOL agent version that didnt get auto-upgraded. 

I cant seem to find anything on this from a policy perspective side of things unless I'm looking in the wrong spot.

 

Any help is appreciated. 

 

1 REPLY 1

L5 Sessionator

Hi @DanCartaginese there's no way to manually do that within the console as of date.

 

What you can do using automation is:

A) have the Endpoints API retrieve the agent version for all endpoints and then isolate those specific endpoints with the Isolate API. You'd have to wrap it with a timer to run periodically.

or

B) have a policy that identifies endpoints that need to be upgraded (say anything <v7.7) and upgrade them to the latest version. This is my preferred recommendation as this ensures that the endpoints are always picked up and upgraded in case they fall through the cracks. Furthermore, use that information in a report that gets emailed on a weekly basis for any endpoints that are EOL to investigate and manually intervene, if necessary.

  • 1318 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!