[ATP/FLEX] How to set up Sandboxing on Nebula
Zyxel Employee
Nebula Control Center provides Sandboxing that can prevent user from downloading programs or files that concludes malicious content to protect user’s safety. You can create a Sandboxing profile in the security service path on Nebula and this article will guide you on how to deploy it.
Configuration steps
1. Navigate to Configure > Firewall > Security Service to enable the Sandboxing profile and edit it.
2. Configure Sandboxing profile
Enabled – Turn ON/OFF the Sandboxing feature.
Log – Create an event log when the sandboxing DB detects there is a malware content.
Policy – Choose Destroy (to delete the malicious file) or Allow (to forward the malicious file).
Inspect selected downloaded files – If enabling this option, the Nebula device would hold the downloaded file (which has never been inspected before) for 2 seconds to inquiry cloud Sandboxing DB and wait for its response to identify whether it is a malicious file or not. But if the process takes longer than 2 seconds, the inspected file may still be forwarded to the customer.
File submission options – Define which file type should be inspected by
sandboxing. Currently, it supports zip, exe, doc, swf, pdf, rtf file types.
Test Result
Once you download malicious files by accident, the traffic will be blocked.
The event log would show sandboxing message to inform you of the malicious file
name, MD5 hash value, etc.
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 164 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 364 USG FLEX H Series
- 292 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 262 Service & License
- 407 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight