[ATP/FLEX] How to set up Sandboxing on Nebula






Nebula Control Center provides Sandboxing that can prevent user from downloading programs or files that concludes malicious content to protect user’s safety. You can create a Sandboxing profile in the security service path on Nebula and this article will guide you on how to deploy it.
Configuration steps
1. Navigate to Configure > Firewall > Security Service to enable the Sandboxing profile and edit it.
2. Configure Sandboxing profile
Enabled – Turn ON/OFF the Sandboxing feature.
Log – Create an event log when the sandboxing DB detects there is a malware content.
Policy – Choose Destroy (to delete the malicious file) or Allow (to forward the malicious file).
Inspect selected downloaded files – If enabling this option, the Nebula device would hold the downloaded file (which has never been inspected before) for 2 seconds to inquiry cloud Sandboxing DB and wait for its response to identify whether it is a malicious file or not. But if the process takes longer than 2 seconds, the inspected file may still be forwarded to the customer.
File submission options – Define which file type should be inspected by
sandboxing. Currently, it supports zip, exe, doc, swf, pdf, rtf file types.
Test Result
Once you download malicious files by accident, the traffic will be blocked.
The event log would show sandboxing message to inform you of the malicious file
name, MD5 hash value, etc.
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 169 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 368 USG FLEX H Series
- 294 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.7K Consumer Product
- 265 Service & License
- 409 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight