Page 1 of 1

Config: End-Point Threat Detection & NFA-DC Service Access

Posted: Thu Nov 03, 2016 10:21 am
by digitoll
Netflow Data Center Services (NFA-DC) enable you to keep be kept updated with latest CySight content including:

External Threats

End-Point Threat Bad Actors such as botnets, Ransomware, The Onion Router (Tor), illicit p2p sharing, bad reputation, hackers and malware and contextual end-points found in External Accounts such as Social Networks, Search Engines, Video Streaming etc ....

Contextual information (Early access to changes usually only available in major releases)

ASN,
IP to Country,
MAC Address tables,
NBAR
etc ...

1) Enable Data Center Services access

Click on the Device and select Modify
Please note that Data Center service access is disabled by default. This is to prevent communications to our site unless specified by you
a) Check that your server is allowed to access "datacenter.cysight.ai"
b) Simply enable the Data Center Services and press confirm.

Image

2) Depending on your Device you may need to confirm that Threat Detection has been enabled for that Device.

a) Click on a Device and select Modify
b) Ensure that the "Detect Threat" is set to "Both Side IP"
c) If you edited please click "Confirm"

Image
PLEASE NOTE: Do not enable "Tune Threat". This is an advanced feature used to reduce overhead in certain very large environments
CySight Threat Feed is a Subscription and is available for a free 30-day evaluation from Data Center Services Activation