defender-endpoint/isolation-exclusions.md
4 additions & 9 deletions
Original file line number
Diff line number
Diff line change
@@ -58,7 +58,7 @@ There are two steps to using isolation exclusion: defining isolation exclusion r
58
58
### Prerequisites
59
59
60
60
* Isolation exclusion is available on Windows (minimum client version 10.8470) and macOS (minimum client version 101.240902).
61
-
* Isolation exclusion must be enabled. Enabling isolation exclusion requires Security Admin permissions or above. To enable isolation exclusion, sign in to the [Microsoft Defender portal](https://security.microsoft.com) and go to **Settings** > **Endpoints** > **Advanced features** and enable **Isolation Exclusion Rules** feature.
61
+
* Isolation exclusion must be enabled. Enabling isolation exclusion requires Security Admin or Manage Security settings permissions or above. To enable isolation exclusion, sign in to the [Microsoft Defender portal](https://security.microsoft.com) and go to **Settings** > **Endpoints** > **Advanced features** and enable **Isolation Exclusion Rules** feature.
62
62
63
63
:::image type="content" source="./media/isolation-exclusions/enable-exclusions.png" alt-text="Screenshot showing how to enable isolation exclusions." lightbox="./media/isolation-exclusions/enable-exclusions.png":::
64
64
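Review bot: In the rewritten prerequisite bullet, "Security Admin or Manage Security settings permissions or above" is ambiguous. It joins two differently styled names under one "permissions", and "or above" has no clear referent now that two items are listed. Because this line states who may enable isolation exclusion, name each item explicitly (which is a role and which is a permission) and say separately what "or above" covers. While the line is being touched, "enable **Isolation Exclusion Rules** feature" also needs an article ("enable the ... feature").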
@@ -113,7 +113,8 @@ Exclusions that were applied to a specific device can be reviewed in the Action
113
113
114
114
### API Configuration
115
115
116
-
To trigger isolation with exclusions via API, set the IsolationType parameter to "Selective". See [Isolate machine API](/defender-endpoint/api/isolate-machine) for detail.
116
+
> [!NOTE]
117
+
> Alternatively, you can apply selective isolation via API. To do so, set the **IsolationType** parameter to *Selective*. For more information, see [Isolate machine API](/defender-endpoint/api/isolate-machine).
117
118
118
119
## Exclusion Logic
119
120
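Review bot: The new note opens with "Alternatively", but in this hunk it is the only content under the "### API Configuration" heading, so there is nothing in the section for it to be an alternative to. A section whose whole body is a [!NOTE] callout also reads as an aside rather than the section's main instruction. Either keep the sentence as a plain paragraph under the heading, or drop the heading and attach the note to the procedure it is an alternative to. The removed line quoted the value as "Selective"; rendering it in italics (*Selective*) hides that it is a literal string passed in IsolationType, so code formatting for both the parameter and the value would be clearer.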
@@ -147,13 +148,7 @@ Rule 3:
147
148
148
149
## Considerations and limitations
149
150
150
-
When a device is isolated, any new isolation exclusion rules added from the portal won't apply to the currently isolated device. Instead, newly added exclusions will only take effect for future isolation requests.
151
-
152
-
If an exclusion needs to be applied to a device that is already isolated, the following steps must be taken:
153
-
154
-
1. Unisolate the device.
155
-
1. Ensure that the relevant, correctly defined exclusion rule is in place.
156
-
1. Reisolate the device for the updated exclusion rule to take effect.
151
+
Changes to exclusion rules only impact new isolation requests. Devices that were already isolated remain with the exclusions that were defined when they were applied. To apply updated exclusion rules to isolated devices, release those devices from isolation and then reisolate them.
157
152
158
153
This behavior ensures that isolation rules remain consistent throughout the duration of an active isolation session.
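Review bot: The condensed paragraph loses removed step 2, "Ensure that the relevant, correctly defined exclusion rule is in place", so the new text goes straight from release to reisolate without telling the reader to verify the rule. Keep that check, and consider stating it before the release so the device spends as little time as possible out of isolation. In "remain with the exclusions that were defined when they were applied", "they" is ambiguous; "when isolation was applied" would make the referent clear.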