Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Freeware & Evaluations

Reply

I am unable to get the threat feed. How can I troubleshoot?

Guru
Posts: 26
2697     0
 

In order to get the latest

Not applicable
Posts: 5
2698     0

In order to get the latest threat feed, the DNS firewall needs to be able to reach our servers in the cloud. Please make sure that you have done the following - 

a) You have registered the proper IP address with us when you downloaded the eval kit. Refer to the invitation email you got when you filled request form. This link will take you to the page where you can update this information. 

b) The IP address you gave us must be reachable from the Internet, either directly or via one to one NAT. More specifically access to port 53 (DNS) must be possible for both TCP and UDP traffic. Please talk to your security administrator to ensure that you have the right configuration. 

c) Once you have the 2 steps above covered, log in to your DNS firewall and navigate to  "Administration --> Logs --> Syslog". Select the Quickfilter "Reputation Feed", this will show you all the log messages related to the security feed.  

d) You should see a message that indicates that the zone transfer has started. Now your box will be updated approximately every 2 hours with the latest threat intel.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You