...
Note: To provide flexibility and support for the new policy types, BloxOne Threat Defense Cloud has updated the evaluation process for security policies. Previously, BloxOne Endpoint and DNS forwarding proxy had implicit precedence over external networks. After the update, the policies are evaluated in the order you define and observe on the Security Policies page of the Cloud Services Portal. If you have existing security policies, the policy precedence is updated to match the behavior that was defined before the update.
BloxOne Threat Defense Cloud provides a default global policy that gives you a head start in protecting your networks. You can review the default global policy, and decide whether you want to add or remove some of the rules based on your business requirements.
In addition to the default global policy, you can add new security policies from scratch or clone an existing policy to complement the default policy. When you create a new security policy, you must first define a network scope to which you add external networks, user groups, DNS forwarding proxies, DDI IPAM, and Endpoint groups. BloxOne Threat Defense Cloud applies the security policy to all the entities that you include in the network scope. After you define the network scope, you can add policy rules and specify actions and their precedence order. For more information, see Security Policy Precedence.
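The following added example (a simplified model, not Infoblox code and not a BloxOne API) shows why the evaluation change matters when one client falls inside more than one network scope, and how renumbering can preserve the earlier outcome. Assumptions: the policy names, identifiers and network are constructed, each policy's scope holds a single kind of entity, a lower precedence number is evaluated first, and the `migrate` renumbering is only one plausible way to reproduce the pre-update behavior.

```python
from dataclasses import dataclass

# Scope kinds that had implicit precedence before the update (per the note above).
IMPLICIT_FIRST = {"endpoint_group", "dns_forwarding_proxy"}

@dataclass(frozen=True)
class Policy:
    name: str
    precedence: int    # lower number is evaluated first
    scope: frozenset   # (kind, identifier) pairs in the network scope

def effective(policies, source):
    """Post-update model: first match in ascending precedence order."""
    for p in sorted(policies, key=lambda p: p.precedence):
        if p.scope & source:
            return p.name
    return None

def legacy_effective(policies, source):
    """Pre-update model: an endpoint/DFP match beats an external-network match."""
    def rank(p):
        hit = {kind for kind, _ in p.scope & source}
        return (0 if hit & IMPLICIT_FIRST else 1, p.precedence)
    matches = [p for p in policies if p.scope & source]
    return min(matches, key=rank).name if matches else None

def migrate(policies):
    """Renumber so explicit order reproduces the legacy result (single-kind scopes assumed)."""
    def rank(p):
        kinds = {kind for kind, _ in p.scope}
        return (0 if kinds & IMPLICIT_FIRST else 1, p.precedence)
    ordered = sorted(policies, key=rank)
    return [Policy(p.name, i + 1, p.scope) for i, p in enumerate(ordered)]

# Constructed sample data: policy names, identifiers and the network are made up.
NET = ("external_network", "203.0.113.0/24")
LAPTOPS = ("endpoint_group", "laptops")
DFP = ("dns_forwarding_proxy", "dfp-branch-1")
POLICIES = [Policy("Office-Network", 1, frozenset({NET})),
            Policy("Roaming-Laptops", 2, frozenset({LAPTOPS})),
            Policy("Branch-DFP", 3, frozenset({DFP}))]
SOURCES = {"laptop in office": frozenset({NET, LAPTOPS}),
           "guest in office": frozenset({NET}),
           "laptop at home": frozenset({LAPTOPS})}

if __name__ == "__main__":
    for label, src in SOURCES.items():
        print(label, legacy_effective(POLICIES, src), effective(POLICIES, src),
              effective(migrate(POLICIES), src))
```

In this model only the laptop that is also inside the office network changes policy under explicit ordering, which is the kind of overlap worth reviewing on the Security Policies page after the update.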
...
- PRECEDENCE: BloxOne Threat Defense Cloud enforces security policies in ascending precedence order: the policy rule with the lowest precedence order has the highest priority in the evaluation process. The order in which rules in a security policy are executed, from highest to lowest precedence, is as follows:
...
For more information about how to use Local Internet DNS Breakout (local on-prem resolution) with BloxOne Threat Defense Cloud and BloxOne DDI DNS, see the following:
...