Help Center User GuideGetting StartedFAQRelease Notes
 
X
User Guide
Getting Started
FAQ
Release Notes
Contents  

Creating Custom Feeds, DDoS

To access this page, select Configure > Threat Prevention > Custom Feeds.

Procedure

To create local file and remote file custom feeds:

  1. Select Configure > Threat Prevention > Custom Feeds.
  2. Select the DDoS tab.

    Note: When Sky ATP only is selected as the Threat Prevention Type, the DDoS custom feed is not available.

  3. Click the Create icon and select one of the following options:
    • Feeds with local files—Enter the data manually into the provided fields or upload from a text file on your location machine. Complete the configuration as per the guidelines provided in Table 237.
    • Feeds with remote file server—Feeds are fetched from a remote server. Complete the configuration as per the guidelines provided in Table 238.
  4. Click OK.

    DDoS feed is updated. You can create only one DDoS feed, but add any number of IP addresses to the custom list.

Table 237: Fields on the Feeds with Local File Page

Field

Description

Name

Enter a unique string that must begin with an alphanumeric character and can include colons, periods, dashes, and underscores; no spaces allowed; 63-character maximum.

Description

Enter a description for your custom feed; maximum length is 1,024 characters. You must make this description as useful as possible for all administrators.

Sites

Select the required sites from the list to associate them with the DDoS feeds.

In the default mode (no Sky ATP), only sites are listed because of no Sky ATP. You cannot share the same site across the same feed. However, you can share a site across different feed types.

Realms

Select the required realms from the list, if you are in Cloud feeds only, or SDSN with Sky ATP only mode and associate them with dynamic address or whitelists and blacklists feeds.

You cannot share the same realm across the same feed type. However, you can share a realm across different feed types.

When you are creating a Sky ATP realm, if you do not assign any sites it, those realms are not listed here. Only realms with sites associated are listed here.

Custom List

Add all the target IP addresses that are supposed to be blocked. You can add only IP addresses and not IP subnets.

Do one of the following:

  • Click Upload File to upload a text file with an IP address list. The uploading file must have the string add at the beginning, followed by the IP addresses. If you want to delete certain IP addresses, enter the string delete followed by the IP addresses to delete.

    Click the Add button to include the address list in your custom list.

    The file must contain only one item per line (no commas or semi colons). All items are validated before being added to the custom list.

  • Manually enter your item in the space provided in the Custom List section. To add more items, click the add icon (+) to add more IP addresses.

Table 238: Fields on the Feeds with Remote File Server Page

Field

Description

Name

Enter a unique string that must begin with an alphanumeric character and can include colons, periods, dashes, and underscores; no spaces allowed; 32-character maximum.

Description

Enter a description for your custom feed; maximum length is 1,024 characters. You must make this description as useful as possible for all administrators.

Feed Type

Select one of the following feed types for the DDoS feed category.

  • IP, Subnet and Range—Enter an IPV4 address in standard four octet format.

Types of Server URL

Select one of the following type to access the remove file server:

  • http
  • https

Server File URL

Enter the URL for the remote file server.

Certificate Upload

Click Browse and select the CA certificate to upload.

If you do not upload a certificate for https server URL, a warning message is shown that a certificate is not uploaded and to whether proceed further or not. Click Yes to proceed further without uploading a certificate or No to go back and upload the certificate.

Username

Enter the username for the remote file server.

Password

Enter the password for the remote file server.

Update Interval

Select how often updates are retrieved from the remote files server: Hourly, Daily, Weekly, Monthly, Never.

Related Documentation

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit