Skip to main content

Signature Management Configuration

C&C

Is used to manage IPs or hosts to include/exclude in security policy Block C&C traffic conditions.

image.png

C&C lists can be applied to:

  • Web policies
  • DNS Firewall

ATP

Is used to manage Hashes to include/exclude in security policy Block ATP conditions.

image.png

ATP lists can be applied to:

  • Web policies

Anti-Virus

Is used to manage Hashes to include/exclude in security policy Anti-Virus conditions.

image.png

Anti-virus lists can be applied to:

  • Web policies

Proxy Server

Is used to manage IPs to include/exclude in security policy Block access public proxy server conditions.

image.png

Proxy server lists can be applied to:

  • Web policies
  • DNS Firewall

Risky Websites

Is used to manage hosts to include/exclude in security policy Block access risky websites conditions.

image.png

Risky website lists can be applied to:

  • Web policies
  • DNS Firewall
  • RBI (Unsafe website)

Malware

Is used to manage malicious patterns to include/exclude in the security policy HTTP Response include malicious code condition.

image.png

The malware tab isn't directly configurable. Rather, it is a collection of known patterns regularly updated from the CTI. Malware patterns can be enabled/disabled