Documentation | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Internet Usage Filters > Managing access to categories, protocols, and cloud apps > Security protocol groups
Security protocol groups
Administrator Help | Forcepoint Web Security and Forcepoint URL Filtering | v8.5.x
In addition to the Security and Extended Protection categories, there are 2 protocol groups intended to help detect and protect against spyware and malicious code or content transmitted over the Internet.
*
The Malicious Traffic protocol group includes the Bot Networks protocol, aimed at blocking command-and-control traffic generated by a bot attempting to connect with a botnet for malicious purposes.
*
The Malicious Traffic (Cannot block) protocol group is used to identify traffic that may be associated with malicious software.
*
Email-Borne Worms tracks outbound SMTP traffic that may be generated by an email-based worm attack.
*
Other tracks inbound and outbound traffic suspected of connection with malicious applications.
The Malicious Traffic protocol group is blocked by default, and can be configured within your protocol filters (see Editing a protocol filter). The Malicious Traffic (Cannot block) protocols can be logged for reporting, but no other action can be applied.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Internet Usage Filters > Managing access to categories, protocols, and cloud apps > Security protocol groups
Copyright 2023 Forcepoint. All rights reserved.