v8.2.0 Release Notes for Web Protection Solutions : New in Web Protection Solutions

1. Navigate to the Settings > Scanning > Scanning Options page and locate the Advanced File Analysis section.
2. Check the box next to Enable Advanced File Analysis.
4. Enter the IP address of the Threat Protection Controller (prod1 interface) in the Controller IP address entry field.
5. Click Check Status to confirm that Threat Protection is installed at that IP address.

1. On the Settings > Alerts > Enable Alerts page of the TRITON Manager:
   a. Mark Enable email alerts and configure the email settings to send advanced file analysis alerts via email.
   b. Mark Enable SNMP alerts and provide information about your SNMP Trap system to deliver the advanced file analysis messages using SNMP.
2. Navigate to Settings > Alerts > Suspicious Activity and locate the Advanced File Analysis section.
3. Check the box under Email to enable email alerts and under SNMP to enable SNMP alerts from advanced file analysis.

- The Time period for the report.
- The Total number of incidents reported for that time period is provided.
- Malicious to include files that analysis has found to be malicious.
- Suspicious to include files found to have suspicious characteristics.
- No threat detected to report on files in which analysis did not find any malicious or suspicious characteristics.

- Threat Level: an assessment of the level of threat (malicious, suspicious, or none) associated with a file.
- Incident time: the date and time the file was sent for analysis.
- User: the user name (or IP address) associated with the activity that prompted the file analysis.
- Source: the IP address of the client machine in your network that sent or received the file.
- Destination: the IP address of the recipient of the HTTP request.
- URL: the URL from which the file is being downloaded or to which the file is being posted.
- Analyzed by: the IP address of the Threat Protection cluster or the location of the File Sandbox data center.
- Platform: the platform that provided the file analysis (Threat Protection or File Sandbox).
- Severity: the level of severity of the threat, on a scale of 1 to 10.
- Protocol: the protocol used to transfer the file.
- File Name: the name of the file sent for analysis.
- File Hash: an SHA1 hash of the file sent for analysis.
- File Size (KB): the total file size, in kilobytes.
- File Type: the type of file sent for analysis. Types include PDF, Image, Executable, Document, and Web Page as well as others.
- Content Gateway: the IP address of the Content Gateway machine that sent the file for analysis.

- The temporary data files are created based on the Cache file creation rate and Maximum cache file size options that also apply to log cache files.
- The data files are processed into the database using either ODBC (Open Database Connectivity) or BCP (Bulk Copy Program), depending on the Log Record Creation settings on the Settings > Reporting > Log Server page.

2. Select Use identity provider for single sign-on to enable the single sign-on feature.
3. For Identity provider, select Active Directory Federation Services.

1. Enter the unique Name for the exception.
2. List the URLs that should be permitted by the exception.
3. Check Permit only when accessed via a specific site and then, under Approved Referer URLs, enter the sites from which access should be granted.
4. Specify which Clients are affected by this exception.
5. Note that Permit has been selected and cannot be changed.
7. Click Advanced to:
   a. Change the default selection for Block URLs that become a security risk, even if they are permitted by exception. (Not recommended)
8. Click OK to cache and save your changes and return to the Exceptions page. Changes are not implemented until you click Save and Deploy.

2. Use the Search for list to specify how to perform the search:
   - Select Entries containing search string to find all directory entries that contain the search term you entered.
   - Select Exact search string only to find only the directory entry that precisely matches the search term.
5. Click a user name to select a user, or click Search Again to enter a new search term or context.