In environments in which virtual PCs are used (hereafter, virtual PC environments) and environments in which Server Based Computing is used (hereafter, SBC environments), using the automatic quarantining function of Resource Orchestrator enables security risks to be handled more quickly than in environments in which the function is not used.
Virtual PC environments and SBC environment servers are managed by Resource Orchestrator as L-Servers.
Virtual PC environments and SBC environment servers operating on VM hosts are managed as virtual L-Servers.
SBC environment servers operating on physical servers are managed as physical L-Servers.
Virtual L-Servers and physical L-Servers are collectively referred to as "L-Servers".
The following functions are provided in virtual L-Server and physical L-Server environments that are managed using Resource Orchestrator:
The transfer of virtual L-Servers and physical L-Servers on which security risks (*) are detected from the operation network to the quarantine network.
The recovery of L-Servers from the quarantine network to the operation network when security risks have been resolved.
When an L-Server is automatically quarantined, this function now provides notification of the quarantining by sending messages to users.
* The types of security risks which can cause an L-Server to be quarantined are "viruses" and "malware".
This function does not handle "spyware", "grayware", or "C&C callbacks".
This function does not handle "outbreaks" (occurrences of mass infections or mass failures).
Figure 1.1 Automatic Quarantining Function
