Are there any possibilities to whitelist specific IPs/protocols when a host is isolated? We would like to be able to run cloud scanning for remediation.
VMware Carbon Black Standard EDR (Formerly known as Response)
By default all routes except to the EDR server and DNS/ DHCP will be cut. The exclusion is not bi-directional, isolation exclusions only work from the endpoint to the whitelisted IP or URL.
The isolation exclusion does not work for traffic coming into the isolated host.
The machine is isolated.