...
If your network configuration includes ActiveTrust Plus or ActiveTrust Advanced Cloud, you can configure a cloud integration client to collect malicious domains detected by the Threat Insight in the cloud. NIOS then applies the detected domains to RPZs that were configured for the on-premises Grid. This feature ensures that all malicious domains detected in the cloud are also captured for on-premises members.
You can use this feature when you have ActiveTrust Plus or ActiveTrust Advanced license. Note that you can configure only one cloud client per on-premises Grid and you must first request an API key through the Cloud Services Portal, so that the cloud client is authorized to retrieve data from Threat Insight in the Cloud.
To configure Threat Insight for the cloud client:
- From the Data Management tab, select the Threat Analytics tab -> Whitelist tab, click the Add icon or click Add Custom Whitelist from the Toolbar.
- In the Add Custom Whitelist wizard, complete the following:
- Domain Name: Enter the name of the domain that you want to add to the analytics whitelist.
- Comment: Enter additional information about this domain.
- Disable: When you select this, the appliance does not treat this domain as a trusted domain. When you enable the domain again, it is considered as a whitelisted domain.
- Save the configuration. You do not need to restart DNS service to update the analytics whitelist.
| Anchor |
|---|
| Viewing Blacklisted Domains |
|---|
| Viewing Blacklisted Domains |
|---|
|
Viewing Blacklisted Domains
...
