Configuring C&C Blocking Settings

You can enable the C&C blocking feature and add IP address or IP addresses to the Approved List.

To enable C&C blocking:

1. Register Deep Discovery Inspector or TDA to your Network VirusWall Enforcer device.

2. Enable Threat Mitigation in Policy Enforcement. Refer to Step 6: Specify Threat Mitigation Rules.

3. Click Policy Enforcement > Block C&C Connections. The Block List screen appears.

4. Enable the Block connections to and from C&C servers detected by Deep Discovery Inspector option.

5. Click Save.

To add critical servers to the Approved List:

1. Go to Policy Enforcement > Block C&C Connections.

2. Click the Approved List tab.

3. Specify the IP address or IP address range. Optionally, add a comment to indicate why this was added to the Approved List.

4. Click Add to >.

5. Click Save.

See also

C&C Block List