Identifies direct attacks on your network applications
or operating system.
Includes a set of signatures associated with specific
commands or text found in commands that could be harmful.
For a HTTPS proxy policy, enable a HTTPS
|Reputation Enabled Defense
Uses cloud-based WatchGuard reputation servers that
assign a reputation score between 1 and 100 to every
URL. When a user goes to a website, RED sends the
requested web address (or URL) to the WatchGuard
reputation server. The WatchGuard server responds with a
reputation score for that URL. Based on the reputation
score, and on locally configured thresholds, RED
determines whether the Firebox should drop the traffic,
allow the traffic and scan it locally with Gateway AV,
or allow the traffic without a local Gateway AV scan.
This increases performance, because Gateway AV does not
need to scan URLs with a known good or bad reputation.
WebBlocker uses a
database of websites, organized into categories based on
their content. You configure WebBlocker to control which
website categories your users can connect to. When a
user on your network browses the Internet, the Firebox
automatically checks the WebBlocker Server to see if the
site is allowed. If the site is on the deny list, the
user receives a message that the site is not available.
You can enable a cache of WebBlocker entries, and set
the cache size and expiration date.
technology from CYREN (formerly Commtouch) to block spam
at your Internet gateway. spamBlocker looks for patterns
in spam traffic, instead of the contents of individual
email messages. Because it uses a combination of rules,
pattern matching, and sender reputation, it can find
spam in any language, format, or encoding method.
Works with SMTP, POP3, and IMAP proxy policies to
examine up to 20,000 bytes of each inbound email
message. You can configure the Firebox to take any of
the following actions when spamBlocker determines that
an email message processed by the SMTP proxy is spam:
If you use spamBlocker with the POP3 or IMAP proxy,
you have only two actions to choose from: Add Subject
Tag and Allow. You cannot use the Quarantine Server with
the POP3 or IMAP proxy.
spamBlocker does not detect spam in outgoing SMTP
email. To prevent spam from originating from your
network and conserve network resources, you should
disable email relay functionality on your email server
and enable email relay protection to inbound email using
the incoming SMTP proxy action.
viruses and trojans brought into your network through
email, web browsing, TCP connections, or FTP downloads.
control the use of web-based applications on your
For example you can:
For a HTTPS proxy policy, enable content
inspection in the HTTPS proxy action