Articles in this section

See more

Enabling Real-time Cloud Threat Intelligence and Web Categorization

SVN Support Team
  • Updated
Follow
 
Announcement

Our new documentation site is alive!
You can view our latest documents here.

Overview

 

Cloud Threat Intelligence tab provides you with the ability to manage the cloud threat intelligence servers for querying real time information about threat intelligence and web categorization.

 


Figure 1. Configuration - Cloud Threat Intelligence

Enabling Cloud Reputation & Web Categorization

To enable/disable updates from cloud threat intelligence servers:

  1. Turn on/off the toggle button on the first line of the pane
  2. Click Save Changes at the end of the pane.

TIP: It is recommended that you should enable this feature for effective application and web filtering.

Clearing Cache

You can also use the “Clear Cloud Cache” function to delete all cached categorization information. Sensei caches the query results for better performance, and periodically checks for updates on the cached items. Clearing the cache might come handy if you want some particular categorization change to get applied immediately.


Figure 2. Clearing Cloud Cache

Local Domain Exclusion

You can configure your local domain names to be excluded from being queried on Cloud Server. This might be handy if you see that your local domain is being categorized as “Firstly Seen Sites”. Domains entered here will match for all subdomains and FQDNs. For instance: “Example.com” will also cover sub.example.com and “host.sub.example.com”. You don’t need to add each subdomain separately.

If you want to exclude your domain,

  1. Enter this in the “Local Domain Name to Exclude Cloud Queries” field.
  2. Click Save Changes at the end of the pane.


Figure 3. Excluding Local Domain From Cloud Queries

Selecting Cloud Reputation Servers

Cloud Reputation servers will be automatically selected by the engine according to their network response times. Two cloud servers with the best response times will be automatically selected and configured. You can also set them up manually. To set another server,

  1. Click the green checkbox so that the existing cloud server with a bad response time is unselected.
  2. Click the grey checkbox with a minus icon to select the new server.


Figure 4. Selecting Cloud Reputation Servers

Note: At least two servers must be configured as Cloud Reputation Server

You can check the status of the Cloud Reputation Servers by clicking the Re-Check Nodes Status button at the end of the page.

Related articles

Powered by Zendesk