Comodo Help
Find the desired product help
Comodo Secure Web Gateway

Comodo Secure Web Gateway

Secure Web Gateway Admin Guide

English

Print Help Download Help
Manage Policies > Security Policy > Configure Advanced Threat Protection Settings
  • Introduction To Comodo Secure Web Gateway
    • Purchase Licenses
    • Login To The Admin Console
  • The Admin Console
  • The Dashboard
    • Customize The Dashboard
  • Configure Comodo Secure Web Gateway
    • Connect Your Network / Devices To Secure Web Gateway
      • Traffic Forwarding Via Direct Proxy Or PAC
      • Traffic Forwarding Via Proxy Chaining
      • Traffic Forwarding Via Internet Content Adaptation Protocol (ICAP)
      • Traffic Forwarding Via SWG Agent
    • Connect Your Roaming Devices To Comodo Secure Web Gateway
      • View Enrolled Roaming Devices
    • Configure Comodo Secure Web Gateway Messages
    • Configure Domain Name
    • Configure PAC File For Exclusions
    • Configure Data Loss Prevention And View ICAP Service Information
    • Configure Policy Time-Schedules
  • Manage Trusted Networks
  • Manage Policies
    • Security Policy
      • Configure Advanced Threat Protection Settings
      • Configure Containerization Settings
    • Web Content Policy
      • Manage URL Filtering Policies
      • Configure SSL Inspection Settings
      • Manage File Type Control Rules
  • Apply Policies To Networks
  • Administration
    • Configure User Authentication Settings
    • User Management
      • Manage Users
      • Manage User Groups
      • Manage Departments
      • Manage Computers
    • My Profile
  • Reports
    • Custom Reports
    • Scheduled Reports
  • Unknown Threat Statistics
  • About Comodo Security Solutions

Configure Advanced Threat Protection Settings

 
  • Click 'Configuration' > 'Security Policy' > 'Advanced Threat Protection', to open this interface.

Comodo Secure Web Gateway (SWG) ships with a default security policy configured to block all web threats. This policy is deployed onto roaming devices / networks immediately after their enrollment and cannot be deleted. However, as your requirements demand, you can create exceptions and deploy these to networks / roaming devices as required.




The interface is divided into four sections:

  • ATP Policy Exceptions
  • Global Advanced Threat Protection Settings
  • Global Blocked Files List
  • Blocked Country List


    ATP Policy Exceptions

       

      Allows you to specify domains will should ignored by the Advanced Threat Prevention system.


      Add Policy Exceptions - Table of Column Descriptions

      Column Header

      Description

      Name

      The label of the policy containing the exceptions.

      Criteria

       Specifics of the exception.

      • 'Inherits All Global Settings' - The policy will enforce all settings configured in the 'Global Advanced Threat Protection Settings' in the lower-half of the interface, except
      • Exceptions - Blacklisted items will always be blocked. Whitelisted items will always be allowed. These are regardless of settings in the lower pane.

      Remark

      Comments provided for the policy exception.

      Actions

      You can edit and / or delete an exception. Please note that the default profile cannot be deleted but exceptions can be added.


      To add a new ATP policy exception, click 'New Exception' at the top right.




        • Policy Name - Enter a descriptive label for the ATP exception.
        • Remark - Enter any comments you wish to add about the exception.
        • Click 'Next' to proceed or 'Settings' if you wish to specify domain whitelist and blacklist.


        • Domain Whitelist - Domains that you want to exempt from SWG filtering rules. Please note this list takes priority over all other settings. All files downloaded from white-listed websites will be allowed, even those that are potentially malicious. Make sure the sites that are white-listed are safe. Click the '+' button after entering the domain name in the field. To remove a domain name, select it and click the '-' button.
        • Domain Blacklist - Domains from which users are banned from downloading files.Users are still allowed to visit blacklisted sites, but are not able to download files from them. The 'Blacklisted Domains' tile on the dashboard shows attempts to download files from blacklisted sites. Click the '+' button after entering the domain name in the field. To remove a domain name, select it and click the '-' button.
        • Click 'Create'

        The new ATP policy exception will be created and displayed on the list.




        This new ATP policy will be available for selection when creating / editing a policy. See 'Apply Policies to Network' for more details.


        Global Advanced Threat Protection Settings


        Displays the built-in protection settings. The available settings are:

        • Botnet Protection – Command and Control Servers (C & C Servers)
        • Malicious Content Protection – Malicious content sites, Malicious URLs, Browser exploits
        • Fraud Protection - Phishing sites]
        • DDOS Protection – Distributed Denial of Service attacks
        • XSS Protection – Cookie stealing
        • Additional Settings – Password-protected archive files, Unscannable file types
        • Tunneling – TOR nodes, P2P nodes and VPN servers
        • Remote Access Protection – Remote access services and brute force / scanner


         

        • Click on a protection type to expand the box and view all settings.
        • Use the switches to enable or disable specific settings.




        • The setting will be applied globally, to all protected domains and endpoints.
        • You can create a policy with exceptions which you can to deploy to a particular network or endpoint See 'ATP Policy Exceptions' to find out how to add exceptions to the global settings.

        Global Blocked Files List


        Allows to upload SHA1 hash values of files that should be blocked globally on the enrolled networks while trying to download.



        • Clicking on the link will open the 'Global Blocked File List' page from where you can upload the SHA1 hash values of the files that you want to be blocked from downloading.



        The list of SHA1 hash values already uploaded will be displayed.

        • To upload hash value of a file, enter the value in the field and click the '+' button. The value will be added and displayed.
        • To remove a hash value from the list, click the trash can icon beside it. Click' OK' in the confirmation screen to remove the SHA1 value.
        • Click 'Back' to return to ATP settings interface.


        Blocked Country List


        Allows to block websites that are hosted in specific countries. You can add multiples countries.



        • Select the country from the drop-down and click the '+' button
        • Click 'Save Blocked Country List' to save your changes
        • To remove a country from the list, click the trash icon beside it.

        Our Products
        • Free Antivirus
        • Free Internet Security
        • Website Malware Removal
        • Free Anti-Malware
        • Anti-Spam (Free Trial)
        • Windows Antivirus
        • Antivirus for Windows 7
        • Antivirus for Windows 8
        • Antivirus for Windows 10
        • Antivirus for MAC
        • Antivirus for Linux
        • Free Endpoint Security
        • Free ModSecurity
        • Free RMM
        • Free Website Malware Scanner
        • Free Device Manager for Android
        • Free Demo
        • Network Security
        • Endpoint Protection
        • Antivirus for Android
        • Comodo Antivirus
        • Wordpress Security
        Cheap CDN
        • Bootstrap CDN
        • Semantic UI CDN
        • Jquery CDN
        • CDN Plans
        • CDN
        • Free CDN
        Enterprise
        • Patch Management Software
        • Patch Manager
        • Service Desk
        • Website Down
        • Endpoint Protection Solutions
        • Website Security Check
        • Remote Monitoring and Management
        • Website Security
        • Device Manager
        • ITSM
        • CRM
        • MSP
        • Android Device Manager
        • MDR Services
        • Ransomware Prevention
        • Managed IT Support Services
        • Free EDR
        Free SSL Certificate
        Support Partners Terms and Conditions Privacy Policy

        © Comodo Group, Inc. 2024. All rights reserved.