To access this page, select Configure > Threat Prevention > Custom Feeds.
To create local file and remote file custom feeds:
Note: When Sky ATP only is selected as the Threat Prevention Type, the DDoS custom feed is not available.
Feeds with local files—Enter the data manually into the provided fields or upload from a text file on your location machine. Complete the configuration as per the guidelines provided in Table 240.
Feeds with remote file server—Feeds are fetched from a remote server. Complete the configuration as per the guidelines provided in Table 241.
DDoS feed is updated. You can create only one DDoS feed, but add any number of IP addresses to the custom list.
Table 240: Fields on the Feeds with Local File Page
Field | Description |
|---|---|
Name | Enter a unique string that must begin with an alphanumeric character and can include colons, periods, dashes, and underscores; no spaces allowed; 63-character maximum. |
Description | Enter a description for your custom feed; maximum length is 1,024 characters. You must make this description as useful as possible for all administrators. |
Sites | Select the required sites from the list to associate them with the DDoS feeds. In the default mode (no Sky ATP), only sites are listed because of no Sky ATP. You cannot share the same site across the same feed. However, you can share a site across different feed types. |
Realms | Select the required realms from the list, if you are in Cloud feeds only, or SDSN with Sky ATP only mode and associate them with dynamic address or whitelists and blacklists feeds. You cannot share the same realm across the same feed type. However, you can share a realm across different feed types. When you are creating a Sky ATP realm, if you do not assign any sites it, those realms are not listed here. Only realms with sites associated are listed here. |
Custom List | Add all the target IP addresses that are supposed to be blocked. You can add only IP addresses and not IP subnets. Do one of the following:
|
Table 241: Fields on the Feeds with Remote File Server Page
Field | Description |
|---|---|
Name | Enter a unique string that must begin with an alphanumeric character and can include colons, periods, dashes, and underscores; no spaces allowed; 32-character maximum. |
Description | Enter a description for your custom feed; maximum length is 1,024 characters. You must make this description as useful as possible for all administrators. |
Feed Type | Select one of the following feed types for the DDoS feed category.
|
Types of Server URL | Select one of the following type to access the remove file server:
|
Server File URL | Enter the URL for the remote file server. |
Certificate Upload | Click Browse and select the CA certificate to upload. If you do not upload a certificate for https server URL, a warning message is shown that a certificate is not uploaded and to whether proceed further or not. Click Yes to proceed further without uploading a certificate or No to go back and upload the certificate. |
Username | Enter the username for the remote file server. |
Password | Enter the password for the remote file server. |
Update Interval | Select how often updates are retrieved from the remote files server: Hourly, Daily, Weekly, Monthly, Never. |
© 2018 Juniper Networks, Inc. All rights reserved