
BloxOne Threat Defense Cloud provides predefined threat intelligence feeds based on your subscription. The BloxOne Threat Defense Business On-Premises and BloxOne Threat Defense Business Cloud subscriptions offer a few more feeds than the BloxOne Threat Defense Essentials subscription. The BloxOne Threat Defense Advanced subscription offers a few more feeds than the BloxOne Threat Defense Business On-Premises and BloxOne Threat Defense Business Cloud subscriptions. To view threat feeds and Threat Insight information associated with a security policy, see Viewing Feeds and Threat Insight Associated with a Security Policy.

...

Sanctions_IP
May choose to block based on company policy. Contains IPs assigned to United States sanctioned countries listed by US Treasury Office of Foreign Assets Control (OFAC). The Treasury Department’s Office of Foreign Assets Control (OFAC) administers and enforces economic sanctions imposed by the United States against foreign countries. More information can be found by visiting the “Sanctions Programs and Country Information” page found here: https://www.treasury.gov/resource-center/sanctions/Programs/Pages/Programs.aspx. This feed includes Geo IP data provided by MaxMind.

Sanctions-High
May choose to block based on company policy. Contains IPs assigned to United States high-risk sanctioned countries listed by US Treasury Office of Foreign Assets Control (OFAC). The Treasury Department's Office of Foreign Assets Control (OFAC) administers and enforces economic sanctions imposed by the United States against foreign countries. More information can be found by visiting the "Sanctions Programs and Country Information" page found here: https://www.treasury.gov/resource-center/sanctions/Programs/Pages/Programs.aspx. This feed includes Geo IP data provided by MaxMind.

Sanctions-Med
May choose to block based on company policy. Contains IPs assigned to United States medium and high-risk sanctioned countries listed by US Treasury Office of Foreign Assets Control (OFAC). The Treasury Department's Office of Foreign Assets Control (OFAC) administers and enforces economic sanctions imposed by the United States against foreign countries. More information can be found by visiting the "Sanctions Programs and Country Information" page found here: https://www.treasury.gov/resource-center/sanctions/Programs/Pages/Programs.aspx. This feed includes Geo IP data provided by MaxMind.

Spambot_DNSBL_IP
In DNSBL format, this feed contains IPs of known spam servers. Enables protection against a computer or bot node that is part of a botnet and has been seen sending spam. Can be used to help block incoming spam or potentially malicious emails from known spam sources by feeding into your email platform or appliance. Please note that the Spambot_DNSBL_IP feed contains the same data as the Spambot IP feed above, but is formatted differently for RPZ zone file use.

...

Suspicous_Domains
The Suspicious destinations feed enables protection against hostnames that have not been directly linked to malicious behavior but behave in a manner that suggests malicious behavior may be imminent. 

Suspicious indicators
The suspicious indicators feed identifies sites that should be blocked based on clear evidence, even though an attack using the indicator has not been triggered at that time.

TOR_Exit_Node_IP
Tor Exit Nodes are the gateways where encrypted Tor traffic hits the Internet. This means an exit node can be used to monitor Tor traffic (after it leaves the onion network). By design, the Tor network makes it difficult to determine the source of that traffic.

US OFAC Sanctions IP (Embargoed)
The US OFAC Sanctions IP feed can be blocked based on company policy. The feed blocks nations that are embargoed (Cuba, Iran, Myanmar, North Korea, Syria, and Venezuela). 

US OFAC Sanctions High IP
The US OFAC Sanctions High IP feed can be blocked based on company policy. This feed blocks all of the nations in the embargoed list, plus the following: Belarus, Cambodia, Central African Republic, China, Democratic Republic of Congo, Iraq, Libya, Macao, Russia, and Yemen. 

US OFAC Sanctions Medium IP
The US OFAC Sanctions Medium IP feed can be blocked based on company policy. This feed blocks all of the nations included in the embargoed and high lists, plus the following: Lebanon, Somalia, South Sudan, Sudan, and Zimbabwe.