diff --git a/docs/management/admin/host-isolation-exceptions.asciidoc b/docs/management/admin/host-isolation-exceptions.asciidoc index 2305d9049b..273581e35c 100644 --- a/docs/management/admin/host-isolation-exceptions.asciidoc +++ b/docs/management/admin/host-isolation-exceptions.asciidoc @@ -12,7 +12,12 @@ Host isolation exceptions support IPv4 addresses, with optional classless inter- You must have the *Host Isolation Exceptions* <> to access this feature. -- -IMPORTANT: Each host isolation exception IP address should be a highly trusted and secure location since you're allowing it to communicate with hosts that have been isolated to prevent a potential threat from spreading. +[IMPORTANT] +==== +* Each host isolation exception IP address should be a highly trusted and secure location since you're allowing it to communicate with hosts that have been isolated to prevent a potential threat from spreading. + +* If your hosts depend on VPNs for network communication, you should also set up host isolation exceptions for those VPN servers' IP addresses. +==== Host isolation is a https://www.elastic.co/pricing[Platinum or Enterprise subscription] feature. By default, a host isolation exception is recognized globally across all hosts running {elastic-defend}. You can also assign a host isolation exception to a specific {elastic-defend} integration policy, affecting only the hosts assigned to that policy.