Versions Compared

Version Old Version 21 New Version 22
Changes made by

Gary Leicht

Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. PRECEDENCE: BloxOne Threat Defense enforces security policies in an ascending precedence order in which the policy rule with the lowest precedence order has the highest priority in the evaluation process. The precedence order for executing rules in a security policy, from highest to lowest order of precedence, is as follows:
    1. Custom Lists
    2. Feeds
    3. Threat intelligence
    4. Category Filters
    5. Default
  2. NAME: The policy name.
  3. DEFAULT ACTION: The default action currently configured for the entities that are not included in the network scope.
  4. DESCRIPTION: The policy description.


You can also click the expandable menu iconImage Removedthe expandable menu icon to choose the following columns for display:

  • EXTERNAL NETWORKS: The total number of external networks included in the network scope for this policy. 
  • DNS FORWARDING PROXIESBLOXONE ENDPOINT GROUPS: The total number of DNS forwarding proxies endpoint groups included in the network scope for this policy.BLOXONE ENDPOINT GROUPS
  • IPAM: The number of IPAM objects associated with the security 
  • IPAM HOSTS: The total number of endpoint groups included in the network scope for this number of IPAM Hosts associated with the security policy. 
  • TAGS: Any tags associated with the security policy. 
  • METADATA: Any metadata associated with the security policy.
  • USER GROUPS: The total number of user groups included in the network scope for this policy.
  • LISTS: The total number of custom lists configured for the security policy.
  • CATEGORY FILTERS: The total number of category filters configured for the security policy.
  • APPLICATION FILTERS: The total number of appication filters configured for the security policy.
  • GEOLOCATION: The geolocation state for the policy. Geolocation can be enabled or disabled.
  • BYPASS CODES: The number of bypass codes associated with a security policy. 
  • LOCAL ON-PREM RESOLUTION: When local on-prem resolution is enabled, all DNS requests and responses will be resolved locally on the host. The DNS requests and responses are then validated according to the configured policy in the BloxOne Cloud. When local on-prem resolution is disabled (the default state), DNS requests and responses will be validated per policy in BloxOne Cloud. For additional information, see Using Local On-Prem Resolution.
  • IPAM: The number of IPAM objects associated with the security 
  • IPAM HOSTS: The number of IPAM Hosts associated with the security policy. 
  • GEOLOCATION: The geolocation state for the policy. Geolocation can be enabled or disabled.
  • SAFE SEARCH: This indicates whether safe search is enabled or disabled for the security policy.
  • TAGS: Any tags associated with the security policy. 
  • METADATA: Any metadata associated with the security policy.  
  • DNS FORWARDING PROXIES: The total number of DNS forwarding proxies included in the network scope for this policy.

You can also view more information about each security policy in the right panel. When you expand Network Scope, Policy Rules, and Bypass Codes, you can see the total number of each entities within the respective category. When you click the number next to each entity, the system takes you to the Summary page of the security policy. On the Summary page, you can find more information about the specific entity or navigate to other sections to view or modify certain information about the security policy.

...

  • Click Create Security Policy to create a new security policy.
  • Click  the expandable menu iconImage Removedthe expandable menu icon Edit to modify the respective security policy information. You can also choose the respective security policy and click the Edit button to do so.
  • Click  the expandable menu iconImage Removedthe expandable menu icon Edit Precedence to set the precedence order for the security policy. Click the check box iconImage Removed to Click the checkbox icon to save the changes, or click the close iconImage Removed to click the close icon to discard the changes. For more information, see Security Policy Precedence.
  • Choose a security policy and click Clone to create a new policy by cloning the selected one.  

  • Click the expandable menu iconImage Removedthe expandable menu icon > Remove to delete a security policy. You can also choose the respective security policy and click Remove.

  • Choose a security policy to view additional details in the right panel. You can collapse the right panel by clicking the information iconImage Removed.clicking the information icon. 

  • Enter the value that you want to search in the Search text box. The Cloud Services Portal displays the list of records that match the keyword in the text box.
  • Click the expandable menu iconImage Removedthe expandable menu icon to choose the columns you want to display or use the arrow keys to reorder the columns.

...