Question: What are the different containment actions available in CDR, and how do they behave? Answer: Alert: This action simply sends an alert notification email to the configured recipient and does not restrict client traffic. Block: This blocks the client's traffic on both the Nebula AP and Firewall, and redirects the…
Question: Do I need a specific license to use the CDR feature on Nebula, and are there any other settings I need to enable first? Answer: License Requirement: Yes, this feature requires a license. You must have a Gold security pack to enable CDR. Prerequisites: Because CDR relies entirely on your security services to…
Question: Why is a new client being blocked immediately by CDR when it connects to the network? Answer: The firewall containment list references the client’s source IP. New devices might obtain an IP address that is still in the containment list if the DHCP lease of a contained client expires before the containment period…
Question: How can I check whether a host has triggered CDR? Answer: You can check by the command "cmd _debug cdr show-containment-list" usgflex200h> cmd _debug cdr show-containment-list cdr-debug-show-containment-list data status " CDR Containment SummaryTotal Events: 1 [2026/04/15 09:28:30] IP: 192.168.168.38 MAC:…
Collaborative Detection & Response (CDR) integrates Nebula firewalls and Nebula access points to deliver automated threat responses and mitigate risks. Powered by an advanced rule-based policy engine, the Nebula firewall detects cyberthreats and reports them to the Nebula cloud. The Nebula Control Center then automatically…
It looks like you're new here. Sign in or register to get started.