Configure Advanced Threat Protection Settings
- Click
'Configuration' > 'Security Policy' > 'Advanced Threat
Protection', to open this interface.
Comodo Secure Web Gateway (SWG) ships with a default security policy configured to block all web threats. This policy is deployed onto roaming devices / networks immediately after their enrollment and cannot be deleted. However, as your requirements demand, you can create exceptions and deploy these to networks / roaming devices as required.
The interface is divided into four sections:
Allows you to specify domains will should ignored by the Advanced Threat Prevention system.
Add Policy Exceptions - Table of Column Descriptions |
|
---|---|
Column Header |
Description |
Name |
The label of the policy containing the exceptions. |
Criteria |
Specifics of the exception.
|
Remark |
Comments provided for the policy exception. |
Actions |
You can edit and / or delete an exception. Please note that the default profile cannot be deleted but exceptions can be added. |
To add a new ATP policy exception, click 'New Exception' at the top right.
- Policy Name - Enter a descriptive label for the ATP exception.
- Remark - Enter any comments you wish to add about the exception.
- Click 'Next' to proceed or 'Settings' if you wish to specify domain whitelist and blacklist.
- Domain Whitelist - Domains that you want to exempt from SWG filtering rules. Please note this list takes priority over all other settings. All files downloaded from white-listed websites will be allowed, even those that are potentially malicious. Make sure the sites that are white-listed are safe. Click the '+' button after entering the domain name in the field. To remove a domain name, select it and click the '-' button.
- Domain Blacklist - Domains from which users are banned from downloading files.Users are still allowed to visit blacklisted sites, but are not able to download files from them. The 'Blacklisted Domains' tile on the dashboard shows attempts to download files from blacklisted sites. Click the '+' button after entering the domain name in the field. To remove a domain name, select it and click the '-' button.
- Click 'Create'
The new ATP policy exception will be created and displayed on the list.
This new ATP policy will be available for selection when creating / editing a policy. See 'Apply Policies to Network' for more details.
Global Advanced Threat Protection Settings
Displays the built-in protection settings. The available settings are:
- Botnet Protection – Command and Control Servers (C & C Servers)
- Malicious Content Protection – Malicious content sites, Malicious URLs, Browser exploits
- Fraud Protection - Phishing sites]
- DDOS Protection – Distributed Denial of Service attacks
- XSS Protection – Cookie stealing
- Additional Settings – Password-protected archive files, Unscannable file types
- Tunneling – TOR nodes, P2P nodes and VPN servers
- Remote Access Protection – Remote access services and brute force / scanner
- Click on a protection type to expand the box and view all settings.
- Use the switches to enable or disable specific settings.
- The setting will be applied globally, to all protected domains and endpoints.
- You can create a policy with exceptions which you can to deploy to a particular network or endpoint See 'ATP Policy Exceptions' to find out how to add exceptions to the global settings.
Allows to upload SHA1 hash values of files that should be blocked globally on the enrolled networks while trying to download.
- Clicking on the link will open the 'Global Blocked File List' page from where you can upload the SHA1 hash values of the files that you want to be blocked from downloading.
The list of SHA1 hash values already uploaded will be displayed.
- To upload hash value of a file, enter the value in the field and click the '+' button. The value will be added and displayed.
- To remove a hash value from the list, click the trash can icon beside it. Click' OK' in the confirmation screen to remove the SHA1 value.
- Click 'Back' to return to ATP settings
interface.
Allows to
block websites that are hosted in specific countries. You can add
multiples countries.
- Select the country from the drop-down and click the '+' button
- Click 'Save Blocked Country List' to save your changes
- To remove a country from the list, click the
trash icon beside it.