Applying Overrides From Dwell Time Popups



Hello. You have arrived at an outdated topic. Please click this link to be redirected to the updated Endpoint Protection Admin Guide.

From a the dwell time popup, you can apply an override to a file designated as a threat so it won't be detected and quarantined again in the future.

To apply an override from a dwell time popup:

  1. From the Status tab, in the 50 Most Recent Endpoints Encountering Threats area, for the item for which you want to create an override, click the View link.



    The All Threats Ever Seen On This Endpoint window displays.



  2. In the Filename column, click the link for the item for which you want to create an override.



    The Dwelltime Popup window displays.



  3. Click the Create Override button.



    The Create Override window displays.



  4. From the Determination drop-down menu, select one of the following:
    • Good — Always allow the file to run.
    • Bad — Always send the file to quarantine.



  5. In the Description field, enter information about the override.



  6. Do one of the following to apply the override:
    • If you don't want to apply the override to a specific policy, do not select the Assign to a policy checkbox.
    • If you want to apply the override to a specific policy, select the Assign to a policy checkbox. 



  7. If you selected the checkbox, the Policy drop-down menu displays.



  8. Select the policy you want to apply the override to.



    Note: You can apply an override globally or you can apply it to a single policy; you cannot do both.
  9. When you're done, click the Save button.



  10. To test how SecureAnywhere will detect the file, you can send the endpoint a Reverify all files and processes command. For more information, see Issuing Commands to Endpoints.