Taking action on an intrusion prevention detection

If a device detects a file that generates malicious traffic, it appears on the
My Tasks
tab for 90 days for you to handle.
Endpoint Security
lets you decide whether you want to take action on the traffic. If you don't deny the file,
Endpoint Security
continues to block the traffic, but the file remains on the device. Therefore, the task is considered unresolved. However, do not deny the source if you think that it is safe.
Options to handle a file that generates malicious traffic
Option
Description
Recommended Actions
Lists the action you can take on the suspicious source of malicious traffic. You must select an option for
Endpoint Security
to take action.
Impact
Provides the information on the scope and range of devices that report a malicious source. A source that is detected as suspicious on a lot of devices may indicate a larger issue.
Associated Artifacts
Select at item from the list to get information about it, and whether or not you should deny or ignore the source. For example, if the source is relevant to an internal application that your company uses, you do not want to deny it.
Recent Events
Lists other recent events and the resulting action taken, if any.