Managing quarantined files in Symantec Data Center Security (DCS)

DCS 6.8.x 

Quarantined files can be managed on DCS as follows :

• Custom folder path can be defined where malware files are quarantined.
• Any file that is quarantined can be restored.

1. To specify a folder path to quarantine files, from DCS Java console, click on Configs > Detection > Detection Parameters and open Default Detection Parameters.
2. Press the AV Config tab.
3. Specify the folder path in the Quarantine Path section. Malware files detected by the DCS agent are quarantined to /var/log/sdcsslog/quarantine.You can specify a different path by accessing the Default Detection Parameters located in the Java Console.Restore any quarantined file.
4. From any server running the Linux agent, access /opt/Symantec/sdcssagent/AMD/tools.
5. Run the following command: ./AMDRestoreTool --action restore --quarantine /<file path>

Note :- Before restoring the quarantined file, make sure that the file path is added to the Scan Exclusion Path in the AV Config.