Versions Compared

Version Old Version 9 New Version 10
Changes made by

Gary Leicht

Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following table lists the default actions and precedence for the feeds and Threat Insight in the Default Global Policy:

Feed NameDefault ActionDefault Precedence
Base
AntiMalwareBlock  – No Redirect1
AntiMalware
BaseBlock  – No Redirect2
Malware
DHS_AIS_
DGA
DomainBlock  – No Redirect3
Ransomware
Malware_DGABlock  – No Redirect4
SURBL_Multi
RansomwareBlock  – No Redirect5
Public
Suspicious_
DOH
NOEDBlock  – No Redirect6
Public
Suspicious_
DOH_IP
LookalikesBlock  – No Redirect7
Threat Insight - DGAAllow – With Log8Threat Insight-Data Exfiltration
Suspicious_DomainsBlock  – No Redirect8
AntiMalware_IPAllow – With Log9
Threat Insight-Fast Flux
BogonAllow – With Log10
Threat Insight-DNS Messenger
DHS_AIS_IPAllow – With Log11
Ext_AntiMalware_IPAllow – With Log12
Ext_Base_AntiMalwareAllow – With Log13
Ext_RansomwareAllow – With Log14
Ext
US_OFAC_
AntiMalware
Sanctions_IP_EmbargoedAllow – With Log15
SURBL_Fresh
TOR_Exit_Node_IPAllow – With Log16
DHS_AIS_Domain
Threat Insight-Data ExfiltrationAllow – With Log17
Threat Insight - DGAAllow – With Log18
Threat Insight-DNS MessengerAllow – With Log19
Threat Insight-Fast FluxAllow – With Log20
CryptoCurrencyAllow – With Log
18
21
TOR
Spambot_
Exit_Node
DNSBL_IPAllow – With Log22
NOEDAllow – With Log23
FarSightNODAllow – With Log24
ETQRiskAllow – With Log25
ETQRisk_IPAllow – With Log26
EECN_IPAllow – No Log
19BlocklistBlock  – No Redirect20
27
Public_DOHAllow – No Log28
Public_DOH_IPAllow – No Log29