[ATP/FLEX] How to set up Sandboxing on Nebula






Nebula Control Center provides Sandboxing that can prevent user from downloading programs or files that concludes malicious content to protect user’s safety. You can create a Sandboxing profile in the security service path on Nebula and this article will guide you on how to deploy it.
Configuration steps
1. Navigate to Firewall > Configure > Security Service to enable the Sandboxing profile and edit it.
2. Configure Sandboxing profile
Enabled – Turn ON/OFF the Sandboxing feature.
Log – Create an event log when the sandboxing DB detects there is a malware content.
Policy – Choose Destroy (to delete the malicious file) or Allow (to forward the malicious file).
Inspect selected downloaded files – If enabling this option, the Nebula device would hold the downloaded file (which has never been inspected before) for 2 seconds to inquiry cloud Sandboxing DB and wait for its response to identify whether it is a malicious file or not. But if the process takes longer than 2 seconds, the inspected file may still be forwarded to the customer.
File submission options – Define which file type should be inspected by
sandboxing. Currently, it supports zip, exe, doc, swf, pdf, rtf file types.
Test Result
Once you download malicious files by accident, the traffic will be blocked.
The event log would show sandboxing message to inform you of the malicious file
name, MD5 hash value, etc.
Categories
- 7.8K All Categories
- 1.6K Nebula
- 53 Nebula Ideas
- 53 Nebula Status and Incidents
- 4.3K Security
- 215 Security Ideas
- 906 Switch
- 40 Switch Ideas
- 803 WirelessLAN
- 15 WLAN Ideas
- 5K Consumer Product
- 131 Service & License
- 260 News and Release
- 49 Security Advisories
- 6 Education Center
- 573 FAQ
- 273 Nebula FAQ
- 132 Security FAQ
- 73 Switch FAQ
- 72 WirelessLAN FAQ
- 7 Consumer Product FAQ
- Documents
- 34 Nebula Monthly Express
- 67 About Community
- 40 Security Highlight