Views:
IBM Security Network Protection (XGS), provides a web services API that enables third-party applications such as Deep Discovery Email Inspector to directly submit suspicious objects. IBM XGS can perform the following functions:
  • Quarantine hosts infected with malware
  • Block communication to C&C servers
  • Block access to URLs found to be distributing malware
To integrate Deep Discovery Email Inspector with IBM XGS, configure a generic agent to do the following:
  • Accept alerts that adhere to a specific schema
  • Create quarantine rules based on a generic ATP translation policy
The ATP translation policy allows several categories of messages to take different actions on IBM XGS, including blocking and alerting.
Related information