...
- EXTERNAL NETWORKS: The total number of external networks included in the network scope for this policy.
- BLOXONE ENDPOINT GROUPS: The total number of endpoint groups included in the network scope for this policy.
- IPAM: The number of IPAM objects associated with the security
- IPAM HOSTS: The number of IPAM Hosts associated with the security policy.
- TAGS: Any tags associated with the security policy.
- METADATA: Any metadata associated with the security policy.
- USER GROUPS: The total number of user groups included in the network scope for this policy.
- LISTS: The total number of custom lists configured for the security policy.
- CATEGORY FILTERS: The total number of category filters configured for the security policy.
- APPLICATION FILTERS: The total number of application filters configured for the security policy.
- BYPASS CODES: The number of bypass codes associated with a security policy.
- GEOLOCATION: The geolocation state for the policy. Geolocation can be enabled or disabled. For more information about geolocation support, see Geolocation Support on a Per-Policy Basis.
- SAFE SEARCH: This indicates whether safe search is enabled or disabled for the security policy. For more information about safe search enforcement, see Safe Search Enforcement.
- DNS FORWARDING PROXIES: The total number of DNS forwarding proxies included in the network scope for this policy.
- DOH PER POLICY: DNS over HTTPS (DoH) is an encrypted protocol for DNS resolution. DoH per Policy can be enabled or disabled. BloxOne Threat Defense can terminate DoH connections and associate custom DoH FQDNs with specific customer policies. This allows customers to securely redirect their DNS traffic to the BloxOne Threat Defense cloud without a client and integrate our solution with third-party solutions. For information on how to use an agentless client over DoH, see Implementing the Client over DoH.
- BLOCK DNS REBIND ATTACK: In a DNS rebinding attack, the attacker first gains control of a malicious DNS server. For information, see Blocking DNS Rebind Attacks.
- LOCAL ON-PREM RESOLUTION: When local on-prem resolution is enabled, all DNS requests and responses will be resolved locally on the host. The DNS requests and responses are then validated according to the configured policy in the BloxOne Cloud. When local on-prem resolution is disabled (the default state), DNS requests and responses will be validated per policy in BloxOne Cloud. Local on-prem resolution can be enabled or disabled. For additional information, see Using Local On-Prem Resolution.
...
- Click Create Security Policy to create a new security policy.
- Click the expandable menu icon > Edit to modify the respective security policy information. You can also choose the respective security policy and click the Edit button to do so.
- Click the expandable menu icon > Edit Precedence to set the precedence order for the security policy. Click the checkbox icon to save the changes, or click the close icon to discard the changes. For more information, see Security Policy Precedence.
- Choose a security policy and click Clone to create a new policy by cloning the selected one.
...