Versions Compared

Version Old Version 8 New Version 9
Changes made by

Gary Leicht

Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

A security policy is a set of rules and actions that you define to balance access and constraints, so you can mitigate malicious attacks and provide security for your networks.

...

BloxOne Threat Defense Cloud provides a default global policy that gives you a head start in protecting your networks. You can review the default global policy, and decide whether you want to add or remove some of the rules based on your business requirements.

Note
titleNote

Precedence order considerations when defining a policy based on tags: If the Default Global Policy has higher precedence than a custom policy having network scopes defined based on tags, then the Default Global Policy will continue to work because its precedence is higher than the custom policy. For a custom policy having network scope defined based on tags to work, it should have higher precedence than the Default Global Policy. For information on applying tags to BloxOne Threat Defense objects, see Applying Tags.

In addition to the default global policy, you can add new security policies from scratch or clone an existing policy to complement the default policy. When you create a new security policy, you must first define a network scope to which you add external networks, user groups, DNS forwarding proxies, DDI IPAM, and Endpoint groups. BloxOne Threat Defense Cloud applies the security policy to all the entities that you include in the network scope. After you define the network scope, you can add policy rules and specify actions and their precedence order. For more information, see Security Policy Precedence.

...

The Security Policies page displays the following information for each security policy you have configured by default:

  1. PRECEDENCE:

...

  1. BloxOne Threat Defense Cloud enforces security policies in an ascending precedence order in which the policy rule with the lowest precedence order has the highest priority in the evaluation process. The precedence order for executing rules in a security policy, from highest to lowest order of precedence, is as follows:

1. Custom Lists
2. Feeds
3. Threat intelligence
4. Category Filters
5. Default

  1. NAME: The policy name.
  2. DEFAULT ACTION: The default action currently configured for the entities that are not included in the network scope.
  3. DESCRIPTION: The policy description.

You can also click to choose the following columns for display:

...

  • Click Create Security Policy to create a new security policy.
  • Click  -Edit to modify the respective security policy information. You can also choose the respective security policy and click the Edit button to do so.
  • Click  -Edit Precedence to set the precedence order for the security policy. Click  to save the changes, or click  to discard the changes. For more information, see Security Policy Precedence.
  • Choose a security policy and click Clone to create a new policy by cloning the selected one.  

  • Click  -> Remove to delete a security policy. You can also choose the respective security policy and click Remove.

  • Choose a security policy to view additional details in the right panel. You can collapse the right panel by clicking.

  • Enter the value that you want to search in the Search text box. The Cloud Services Portal displays the list of records that match the keyword in the text box.
  • Click to choose the columns you want to display or use the arrow keys to reorder the columns.

...