V4.60 External Black List
Hello,
V4.60 has introduced a new option in Security Service > Reputation Filter > IP Reputation for External Black List
Could I get an example of a blacklist which works with this option? I am unsure what the source format should look like.
I'd also like to call out that the help pages are currently returning a 404. For example, the one for this new blacklist
http://webhelp.zyxel.com/search.action?model=ATP500&majVer=V4.60&minVer=&fwID=ABFU&lang=EN&hash=context/Help/SecurityService_ReputationFilter_IPReputation_ExternalBlackList&help_version=2
V4.60 has introduced a new option in Security Service > Reputation Filter > IP Reputation for External Black List
Could I get an example of a blacklist which works with this option? I am unsure what the source format should look like.
I'd also like to call out that the help pages are currently returning a 404. For example, the one for this new blacklist
http://webhelp.zyxel.com/search.action?model=ATP500&majVer=V4.60&minVer=&fwID=ABFU&lang=EN&hash=context/Help/SecurityService_ReputationFilter_IPReputation_ExternalBlackList&help_version=2
0
Accepted Solution
-
@bkuschel
Regarding to detect mechanism of URL Threat Filter,
the device mainly scan hostname.
Here is an example as your reference,
create txt file with office365.login.microsoftonline.com.boffic.com as context.
Therefore, on this situation, the hostname will be office365. Not login.microsoftonline.com.
You can check the result as below
5
All Replies
-
@bkuschel
Regarding to external black list,Enter the exact file name, path and IP address of the server containing the black list file.For example, http://172.16.107.20/blacklist-files/myip-ebl.txtThe web help is working now. You can check it.0 -
Thank you @Zyxel_Charlie. I can get to the online help now.I do notice a potential issue for the URL threat filter blacklist. A blacklist I linked included the following URLoffice365.login.microsoftonline.com.boffic.combut it is matchinglogin.microsoftonline.comeven without wildcards.
Would it be correct to say this is not the intended behavior?
0 -
@bkuschel
Regarding to detect mechanism of URL Threat Filter,
the device mainly scan hostname.
Here is an example as your reference,
create txt file with office365.login.microsoftonline.com.boffic.com as context.
Therefore, on this situation, the hostname will be office365. Not login.microsoftonline.com.
You can check the result as below
5 -
@bkuschel
The issue has been confirmed, so we will have solution in next release.0
Categories
- All Categories
- 347 Beta Program
- 2.1K Nebula
- 114 Nebula Ideas
- 77 Nebula Status and Incidents
- 5K Security
- 44 USG FLEX H Series
- 246 Security Ideas
- 1.2K Switch
- 65 Switch Ideas
- 901 WirelessLAN
- 33 WLAN Ideas
- 5.8K Consumer Product
- 204 Service & License
- 326 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.8K FAQ
- 831 Nebula FAQ
- 401 Security FAQ
- 219 Switch FAQ
- 190 WirelessLAN FAQ
- 45 Consumer Product FAQ
- 136 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 71 About Community
- 61 Security Highlight