You can restore files that Apex One quarantined if you believe that the detection was inaccurate. The Central Quarantine Restore feature allows you to search for files in the quarantine directory and perform SHA1 verification checking to ensure that the files you want to restore have not been modified in any way.
- Go to Agents > Agent Management.
- In the agent tree, select a domain or select any agent.
-
Click Tasks > Central Quarantine Restore.
The Central Quarantine Restore Criteria screen appears.
- Type the name of the data you want to restore in the Infected file/object field.
- Optionally specify the time period, security threat name, and file path of the data.
-
Click Search.
The Central Quarantine Restore screen appears displaying the results of the search.
-
Select Add restored file to the domain-level
exclusion list to ensure that all Security Agents in the domain(s) where the files are
restored add the file to the scan exclusion list.
This ensures that Apex One does not detect the file as a threat during future scans.
Important:Security Agents managed using Apex Central policies only apply the restored file exclusion until the next time that the Apex Central server updates the Security Agent policy and overwrites the exclusion list. To prevent the Security Agent from rescanning restored files, add the file exclusion to the Apex Central Security Agent policy.
- Optionally type the SHA-1 value of the file for verification purposes.
- Select the files to restore from the list and click Restore.
-
Click Close in the confirmation dialog.
To verify that Apex One successfully restored the quarantined file, see Viewing Central Quarantine Restore Logs.