3.16. BotnetProtection

Description

Protect both inbound and outbound traffic from undesired communication with command and control servers as well as infected zombie machines. Detected botnet peers are automatically blacklisted for efficient blocking. Specific hosts can be excluded from Botnet Protection using the Whitelist.

Properties

EnableBotnetBlacklist
Botnet Protection looks up source and destination IP addresses in the IP reputation database and adds malicious sources and destinations to the Blacklist. (Default: No)
ZDEnabled
Enable ZoneDefense blocking. (Default: No)
ZDNetwork
Hosts within this range are blocked by ZoneDefense if a zombie machine is detected.
Attribute
Special Attribute of the current object. (Optional)
LogEnabled
Enable logging. (Default: Yes)
LogSeverity
Specifies the severity with which log events are sent to the specified log receivers. (Default: Default)
Comments
Text describing the current object. (Optional)
Note
This object type does not have an identifier and is identified by the name of the type only. There can only be one instance of this type.