Versions Compared

Version Old Version 8 New Version 9
Changes made by

Gary Leicht

Gary Leicht

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following table lists the default actions and precedence for the feeds and Threat Insight in the Default Global Policy available May 2024:

Feed NameDefault ActionDefault Precedence
Default Allow ListAllow - No Log1
Default Bloxk ListBlock  – No Redirect2
Infoblox BaseBlock  – No Redirect3
Infoblox Base IPBlock  – No Redirect4
Infoblox High RiskBlock  – No Redirect5
Threat Insight - Zero Day DNSBlock  – No Redirect6
Infoblox Medium RiskBlock  – No Redirect7
Threat insight - DGAAllow – With Log8
Threat Insight-Data ExfiltrationAllow – With Log9
Threat Insight-Fast FluxAllow – With Log10
Threat Insight-DNS MessengerAllow – With Log11
Infoblox Low RiskAllow – With Log12
Infoblox InformationalAllow – With Log13
Threat insight - Notional Data ExfiltrationAllow – With Log14



The following table lists the default actions and precedence for the feeds and Threat Insight in the Default Global Policy (deprecated May 2024):

Feed NameDefault ActionDefault Precedence
Base HostnamesBlock  – No Redirect1
AntiMalwareBlock  – No Redirect2
Malware_DGA HostnamesBlock  – No Redirect3
RansomwareBlock  – No Redirect4
Public_DOHBlock  – No Redirect5
Public_DOH_IPBlock  – No Redirect6
DomainAllow – With Log7
Threat Insight-Data ExfiltrationAllow – With Log8
Threat Insight - Notional Data Exfiltration Allow – With Log9
Threat Insight-Fast FluxAllow – With Log10
Threat Insight-DNS MessengerAllow – With Log11
AntiMalware_IPAllow – With Log12
Ext_Base_AntiMalwarAllow – With Log13
Ext_RansomwareAllow – With Log14
Ext_AntiMalware_IPAllow – With Log15
DHS_AIS_DomainAllow – With Log16
CryptoCurrencyAllow – With Log17
TOR_Exit_Node_IPAllow – With Log18


For information on adding and removing feeds from a security policy, see the following: 

...