Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Threat Prevention Policies Configuration Page Options

 
  1. Select Configure>Security>SkyATP or Threat Prevention>Policies in the J-Web user interface.

    The Threat Prevention Policies page appears.Table 189 explains the contents of this page.

  2. Click one:
    • +—Create a new or duplicate threat prevention policy. Enter information as specified in Table 109.

    • /—Edit the selected threat prevention policy.

    • X—Delete the selected threat prevention policy.

Table 222: Threat Prevention Policies Page

FieldFunction

Name

Displays the threat prevention policy name.

C&C Server

Displays the range value of threat score set for this policy on a C&C server. A C&C profile would provide information on C&C servers that have attempted to contact and compromise hosts on your network. If the threat score of a feed is between this range, the feed will be blocked or permitted based on the threat score.

Infected Host

Displays the range value of threat score set for this policy if . An infected host profile would provide information on compromised hosts and their associated threat levels.

Malware HTTP

A malware profile would provide information on files downloaded by hosts and found to be suspicious based on known signatures or URLs.

Malware SMTP

A malware profile would provide information on files downloaded by hosts and found to be suspicious based on known signatures or URLs.

Log

All traffic is logged by default. Use the pulldown to narrow the types of traffic to be logged.

Description

Displays the description of the policy.