4.5 Threat Prevention


 

This activity results in policies and profiles that are highly tuned for the customer’s threat landscape, and it takes advantage of the added visibility provided by the implementation of SSL Decryption. Tasks completed in this activity include:

 

  • Tune all Antivirus profiles, including WildFire Antivirus, to the appropriate level
  • Tune Spyware profiles to block Severity levels Critical, High, and Medium
  • Block all Malware, Command-and-Control, and Phishing to the Internet
  • Allow any needed access to the Hacking URL category and block the remainder
  • Research the Parked, Dynamic DNS, and Unknown categories and recategorize any necessary permitted URLs, in anticipation of blocking these categories in Transformation Level 3
  • Tune File blocking profiles to block PEs and other recommended file types
  • Tune WildFire for Malicious Verdict emails

 

Deliverables: 

  • Threat-specific addendum to the As-Built document
  • Threat Assessment Report and Recommendations: Daily, Weekly, Monthly Threat Assessment and Tuning Operational Guide

 

Consultant Collateral: 

  • Threat Control Best Practice Document

Version history: Revision 2 of 2. Last update: 07-02-2020 11:21 AM