[ATP/FLEX] How to set up Sandboxing on Nebula






Nebula Control Center provides Sandboxing that can prevent user from downloading programs or files that concludes malicious content to protect user’s safety. You can create a Sandboxing profile in the security service path on Nebula and this article will guide you on how to deploy it.
Configuration steps
1. Navigate to Configure > Firewall > Security Service to enable the Sandboxing profile and edit it.
2. Configure Sandboxing profile
Enabled – Turn ON/OFF the Sandboxing feature.
Log – Create an event log when the sandboxing DB detects there is a malware content.
Policy – Choose Destroy (to delete the malicious file) or Allow (to forward the malicious file).
Inspect selected downloaded files – If enabling this option, the Nebula device would hold the downloaded file (which has never been inspected before) for 2 seconds to inquiry cloud Sandboxing DB and wait for its response to identify whether it is a malicious file or not. But if the process takes longer than 2 seconds, the inspected file may still be forwarded to the customer.
File submission options – Define which file type should be inspected by
sandboxing. Currently, it supports zip, exe, doc, swf, pdf, rtf file types.
Test Result
Once you download malicious files by accident, the traffic will be blocked.
The event log would show sandboxing message to inform you of the malicious file
name, MD5 hash value, etc.
Categories
- All Categories
- 184 Beta Program
- 1.7K Nebula
- 90 Nebula Ideas
- 63 Nebula Status and Incidents
- 4.7K Security
- 236 Security Ideas
- 1.1K Switch
- 51 Switch Ideas
- 915 WirelessLAN
- 27 WLAN Ideas
- 5.4K Consumer Product
- 174 Service & License
- 295 News and Release
- 65 Security Advisories
- 14 Education Center
- 984 FAQ
- 427 Nebula FAQ
- 255 Security FAQ
- 100 Switch FAQ
- 115 WirelessLAN FAQ
- 21 Consumer Product FAQ
- 66 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 68 About Community
- 52 Security Highlight