Capture Client Monitoring with Dashboard, Threats and Applications
Performing a Rollback
Even if a threat has been re-mediated, you cannot be sure that there are no remnants that may impact performance (for example, registry keys, temp files, system changes, and so forth). The best way to avoid issues is to roll the system back to its last known good state. This is made possible using the Rollback function available with Capture Client.
Before performing rollback on Windows endpoints, you need to configure Volume Shadow Copy Service (VSS). To configure VSS on Windows computers for Capture Client rollback feature to work, see SonicWall Support Knowledge Base.
The Rollback function is only available on Windows endpoints and relies on the Virtual Shadow Copy Service (VSS) available in the Windows operating system. It is enabled by default and used to create the system recovery image. The Rollback function is only available for customers who procure the Capture Client Advanced license for their endpoints.
The Rollback feature is currently only available for Windows systems.
The time it takes for a rollback to complete depends on the size of the shadow copy, but for a large disk, it should only take a few minutes.
Once the rollback is complete, the Actions section shows that the rollback was completed successfully.
Was This Article Helpful?
Help us to improve our support portal