...
On the Policy Rules page of the Create New Security Policy wizard, define the Default Action for all the destinations that you have not included in the security policy, as follows:
- Allow: Grants traffic access to a domain or IP address that hits a particular feed or security policy.
- Default Redirect: Routes traffic to the default Infoblox page or a custom message that you have configured for the Redirect Page.
- Custom Redirect: Redirects Redirects traffic to a configured custom redirect, if one has been configured by the organization.
- Click the Add Rule menu and choose one of the following policy types.
...
- Custom List: Choose this to add a custom list to the policy. When you click a custom list, you can view the Threat Level and Threat Confidence. When you are ready, click Select to add the custom list to the policy. Custom lists can be either allow lists or block lists, depending on the actions that you set upon them.
Action Types: Select From the ACTION menu, select an action type from among the action options under the ACTION menu to add to be added to your security policy. Options include the following:
Allow - No Log: Allows filtering of custom
list filteringlists without logging of responses. Events will not be displayed in Security Activity reports.
Allow - With Log: Allows filtering of custom
list filteringlists with logging of responses.
Block - No Redirect: Blocks filtering of custom
list filteringlists when
usingno redirection is used.
Block - Default Redirect: Blocks filtering of custom
list filteringlists when
usingthe default redirect is used.
Block - Redirect: Blocks filtering of custom
list filteringlists when
usinga custom redirect is used.
Block (No Log) - No Redirect: Blocks
custom listfiltering
without loggingof
responsescustom lists when
using no redirectionno redirect is used. Events will not be displayed in Security Activity reports.
Block (No Log) - Default Redirect: Blocks
custom listfiltering
without loggingof
responses whencustom lists when using the default redirect. Events will not be displayed in Security Activity reports.
Block (No Log) - Redirect: Blocks
custom listfiltering
without loggingof
responses whencustom lists when using a
customredirect. Events will not be displayed in Security Activity reports.
- Custom List: Choose this to add a custom list to the policy. When you click a custom list, you can view the Threat Level and Threat Confidence. When you are ready, click Select to add the custom list to the policy. Custom lists can be either allow lists or block lists, depending on the actions that you set upon them.
You can also add a custom list by clicking on the selecting Custom List option from among the the Choose a Custom List drop-down menu options. To create your a custom list, you must provide a name for the custom list. A description for the custom list it; a description is optional. Select a To classify the level of threat posed to your organization, select a threat level (INFO, LOW, MEDIUM, or or HIGH) to be used to label indicators as a means of classifying the threat level to your organization. By selecting a threat level, you can select or override the threat level provided by Infoblox. Select a and a confidence level (HIGH, MEDIUM, or or LOW) to be used to label indicators as a means of classifying the threat level to your organization. By selecting a confidence level. When you select the threat and confidence levels, you can select or override the threat level levels provided by Infoblox.
For more information about custom lists, see Custom Lists.
- Feeds and Threat Insight: Choose this to add a feed or Threat Insight to the policy. Your custom TIDE feeds (TIDE Bring Your Own Feed or TIDE BYOF) are listed under the list of available feed options. When you click a feed or Threat Insight, you can view the Threat Level and Threat Confidence. When you are ready, click Select to add the feed or Threat Insight to the policy. Feeds and threat insight can be either allow lists or block lists, depending on the actions that you set upon them.
Action Types: Select From the ACTION menu, select an action type from among the action options under the ACTION menu to add to be added to your security policy. Options include the following:
Allow - No Log: Allows filtering of feeds and threat insight
filteringwithout logging of responses. Events will not be displayed in Security Activity reports.
Allow - With Log:
Allows feedsAllows filtering of feeds and threat insight
filteringwith logging of responses.
Block - No Redirect: Blocks filtering of feeds and threat insight
filteringwhen
usingno redirection is used.
Block - Default Redirect: Blocks filtering of feeds and threat insight
filteringwhen
usingthe default redirect is used.
Block - Redirect:
Blocks feedsBlocks filtering of feeds and threat insight
filteringwhen
usinga custom redirect is used.
Block (No Log) - No Redirect: Blocks filtering of feeds and threat insight
filtering without logging of responseswhen
using no redirectionno redirect is used. Events will not be displayed in Security Activity reports.
Block (No Log) - Default Redirect: Blocks filtering of feeds and threat insight
filtering without logging of responseswhen using the default redirect. Events will not be displayed in Security Activity reports.
Block (No Log) - Redirect: Blocks filtering of feeds and threat insight
filtering without logging of responseswhen using a
custom redirectredirect. Events will not be displayed in Security Activity reports.
- Feeds and Threat Insight: Choose this to add a feed or Threat Insight to the policy. Your custom TIDE feeds (TIDE Bring Your Own Feed or TIDE BYOF) are listed under the list of available feed options. When you click a feed or Threat Insight, you can view the Threat Level and Threat Confidence. When you are ready, click Select to add the feed or Threat Insight to the policy. Feeds and threat insight can be either allow lists or block lists, depending on the actions that you set upon them.
For more information, see Viewing Active Threat Feeds and Threat Insight.
- Category Filter: Choose this to add a category filter to the policy. Choose a category filter and click Select to add the category filter to the policy. Category filters are content categorization rules that allow you to detect and filter internet content and traffic that you want to allow or block. Choose the name of the category from among the Select List options under the NAME menu to add to your security policy.
Action Types: Select From the ACTION menu, select an action type from among the action options under the ACTION menu to add to be added to your security policy. Options include the following:
Allow - No Log: Allows
categoryfiltering of categories without logging of responses. Events will not be displayed in Security Activity reports.
Allow - With Log:
Allows category filteringAllows filtering of categories with logging of responses.
Block - No Redirect:
Blocks category filteringBlocks filtering of categories when
usingno redirection is used.
Block - Default Redirect:
Blocks category filteringBlocks filtering of categories when
usingthe default redirect is used.
Block - Redirect:
Blocks category filteringBlocks filtering of categories when
usinga custom redirect is used.
Block (No Log) - No Redirect:
Blocks category filtering without logging of responses when using no redirectionBlocks filtering of categories when no redirect is used. Events will not be displayed in Security Activity reports.
Block (No Log) - Default Redirect:
Blocks category filtering without logging of responses whenBlocks filtering of categories when using the default redirect. Events will not be displayed in Security Activity reports.
Block (No Log) - Redirect:
Blocks category filtering without logging of responses whenBlocks filtering of categories when using a
custom redirectredirect. Events will not be displayed in Security Activity reports.
- Category Filter: Choose this to add a category filter to the policy. Choose a category filter and click Select to add the category filter to the policy. Category filters are content categorization rules that allow you to detect and filter internet content and traffic that you want to allow or block. Choose the name of the category from among the Select List options under the NAME menu to add to your security policy.
You can also add a custom category filter by clicking on the selecting New Filter option from among the the Choose Application Filter drop-down menu options menu. To create your custom category filter, you must provide a name for the custom category list. A description for the category filter list ; a description is optional.
For more information, see Creating Category Filters.
Application Filter: Choose this to add an application filter to the policy. Choose an application filter and click Select to add the application filter to the policy. Application filters are application categorization rules that allow you to detect and filter internet content and traffic that you want to allow or block. Choose the name of the application from among the Select List options under the NAME menu to add to your security policy.
Action Types: Select From the ACTION menu, select an action type from among the action options under the ACTION menu to add to be added to your security policy. Options include the following:
Allow - No Log: Allows
applicationfiltering of applications without logging of responses. Events will not be displayed in Security Activity reports.
Allow - With Log: Allows
applicationfiltering of applications with logging of responses.
Allow - Local Resolution: Allows
applicationfiltering of applications when
used withlocal on-prem relocation is used.
Block - No Redirect: Blocks
applicationfiltering of applications when
usingno redirection is used.
Block - Default Redirect: Blocks
applicationfiltering of applications when
usingthe default redirect is used.
Block - Redirect: Blocks
applicationfiltering of applications when
usinga custom redirect is used.
Block (No Log) - No Redirect: Blocks
applicationfiltering
without loggingof
responses when using no redirectionapplications when no redirect is used. Events will not be displayed in Security Activity reports.
Block (No Log) - Default Redirect: Blocks
applicationfiltering
without loggingof
responses whenapplications when using the default redirect. Events will not be displayed in Security Activity reports.
Block (No Log) - Redirect: Blocks
applicationfiltering
without loggingof
responses whenapplications when using a
custom redirectredirect. Events will not be displayed in Security Activity reports.
You You can also add a custom application filter by clicking on the selecting New Filter option from among the Choose Application Filter drop-down menu options. To create your custom application filter, you must provide a name for the custom application list. A description for the custom list ; a description is optional.
For more information, see Creating Application Filters.
...