-
Why does an SF_CB_IP-related security policy appear in the event log?
Question : Why is there an SF_CB_IP-related security policy event log? For instance, the source IP 10.10.123.33 was blocked by the security policy"SF_CB_10.10.123.33". However, there is no security policy called "SF_CB_10.10.123.33". Answer : The event log message 'SF_CB' stands for Security Firewall_Client Block. The…
-
How to check historically suspicious IP addresses using the Country Map in Secureporter?
Question: The Nebula firewall may detect some security-related events, and users may want to check historically suspicious source IPs using the Country Map feature in Secureporter. This article will guide you on how to do that. Answer : The Nebula user can select the SecuReporter icon to be redirected to the SecuReporter…
-
[ATP/FLEX] Does the Allow list of Anti-Malware support MD5 hash values in the Nebula firewall?
Question : Does the Allow list of Anti-Malware support MD5 hash values in the Nebula firewall? Answer : Yes, in addition to file names, the Allow list of Anti-Malware also supports MD5 hash values in the Nebula firewall. For example, the user can add both the file name and the hash value to the Allow list, as shown below:
-
[ATP/FLEX] How to avoid false positive detection by Anti-Malware in the Nebula firewall?
Scenario : If a user encounters a false positive detection by Anti-Malware in the Nebula firewall, how can this be avoided? Answer : For instance, if a user downloads a file called 'office.exe' but it fails due to being blocked by Anti-Malware (the user can find the blocked log message under Site-wide > Monitor > Firewall…
-
[ATP/FLEX] How to check the IP belongs to which country by CLI?
Scenario : The user can use the CLI to check which country an IP address belongs to. This FAQ will guide you on how to perform this check. Answer : Please login to the device via SSH or console serial cable and issue the CLI command "show geo-ip geography address IP address". For instance, we issued the CLI command "show…
-
[ATP/FLEX]How can I allow Geo-IP to access the internal client via NAT?
Scenario : If the user wants to allow Geo-IP to access the internal client via NAT, how should it be configured? Answer : First, please navigate to Site-Wide > Configure > Firewall > NAT to add a NAT rule. Second, please navigate to Site-wide > Configure > Firewall > Security policy to add a security policy to allow the…
-
[ATP/FLEX] Is it possible for users to bypass the content filter?
Scenario : If the user creates a security policy that applies the Content Filter but still wants to allow a specific user to bypass the Content Filter's detection, how can this be configured? Answer : Please navigate to Site-wide > Configure > Firewall > Security service > IP Exception to add the specific source IP to…
-
How do I synchronize my security UTM across my sites or organizations?
Question: How do I synchronize my security UTM across my sites or organizations? Answer: You can use the feature Security Profile Sync to share the same Security service configuration with multiple sites in an organization. It would replace the Security Service settings configured for each site. Go to Organization-wide >…
-
[ATP/FLEX] How to block the specific IP to access or establish VPN with the Nebula firewall?
Question : Users may want to block specific IPs from accessing or establishing VPN connections with the Nebula firewall for security purposes. This article will guide you on how to deploy this feature. Answer : Please navigate to Site-wide > Configure > Firewall > Security Policy > Add a security policy. Choose the Action…
-
[ATP/FLEX] How to use CDR to block the client who accesses malicious websites?
Scenario : The network administrator may want to block the client who accesses malicious websites. This article will use CDR(Collaborative detection & response) to achieve this goal. Answer : Please navigate to Site-wide > Configure > Collaborative detection & response and set the category Web Threats, Occurrence: 3,…
-
[ATP/FLEX] How to block Youtube by schedule on Nebula?
Scenario : The user may wish to block Youtube during a specific time interval and this article will guide you on how to set it up. Answer: If the user wants to block Youtube during PM 7:00 - 9:00 daily, please refer to the below steps: Step 1: Go to Site-wide > Configure > Firewall > Security Service > Application Patrol…
-
[ATP/FLEX] How to use Policy Client to block specific clients on Nebula?
The Nebula provides a Policy Client feature that allows you to block specific clients in your environment. This article will guide you on how to deploy this feature. Navigate to site-wide > Clients to choose the client that you want to block. Click on Policy then select Block list and finally click Apply policy to move the…
-
[ATP/FLEX] How to set up Sandboxing on Nebula
Nebula Control Center provides Sandboxing that can prevent user from
downloading programs or files that concludes malicious content to protect user’s
safety. You can create a Sandboxing profile in the security service path on
Nebula and this article will guide you on how to deploy it. Configuration steps 1. Navigate to…
-
[ATP/FLEX] How to set up Anti-Malware on Nebula
Nebula Control Center provides Anti-Malware that can prevent user from
downloading files with malicious virus content to protect user’s connected
network safety. You can create an Anti-Malware profile in the security service
path on Nebula and this article will guide you on how to deploy it. Configuration steps 1.…
-
[ATP/FLEX] How to set up IP Reputation on Nebula
Nebula Control Center provides the IP Reputation that can avoid users to navigate malicious IP addresses and URLs and allows the administrator to manage which IP addresses can be navigated or not. You can create an IP Reputation profile in the security service path on Nebula and this article will guide you how to deploy…
-
[ATP/FLEX] How to Set Up DNS/URL Threat Filter on Nebula
Nebula Control Center provides the DNS/URL Threat Filter that can avoid users
to browse some malicious FQDNs and URLs and allows administrator to manage what
URLs can be browsed or not. You can create a DNS/URL Threat Filter profile in
the security service path on the Nebula and this article will guide you how to
deploy…
-
[ATP/FLEX] How to Set Up IP Exception on Nebula
Nebula Control Center provides the IP Exception that can allow some specific hosts to bypass security services. You can create IP Exception profiles in the security service path on the Nebula and this article will guide you how to deploy it. Configuration steps 1. Navigate to Configure > Firewall > Security Service, click…
-
[ATP/FLEX] How to Block applications with Application Patrol (App Patrol) on Nebula?
Nebula Control Center provides the App Patrol that allows you to restrict
popular applications in your environment. You can create different app patrol profiles
for different addresses, schedules, users, or groups. This article will guide
you how to deploy it. Configuration steps 1. Navigate to Configure > Firewall…
-
[ATP/FLEX] How to Set up Content Filter on Nebula
Nebula Control Center provides the Content Filter solution that allows
you to block access to certain websites and specific categories of the website
content. You can create different content filter policies for different
addresses, schedules, users, or groups. This article will guide you in blocking
access to social…