Advanced Anti-Bot Settings:

  • Background Protection Mode:

    • Background - This is the default mode. Connections are allowed while the bots are checked in the background.

    • Hold - Connections are blocked until the bot check is complete.

  • Hours to suppress logs for same bot protection - To minimize the size of the Anti-Bot logs, actions for the same bot are only logged one time per hour. The default value is 1 hour. To change the default log interval , select a number of hours.

  • Days to remove bot reporting after - If a bot does not connect to its command and control server after the selected number of days, the client stops reporting that it is infected. The default value is 3 days.

  • Confidence Level - The confidence level is how sure Endpoint Security is that an activity is malicious. High confidence means that it is almost certain that the activity is malicious. Medium confidence means that it is very likely that the activity is malicious. You can manually change the settings for each confidence level. Select the action for High confidence, medium confidence and low confidence bots:

    • Prevent - Blocks bots

    • Detect - Logs information about bots, but does not block them.

    • Off - Ignores bots (does not prevent or detect them).

  • DNS Inspection Mode - DNS Inspection Mode is a security feature that monitors and inspects all websites your device attempts to access, ensuring protection against malicious or harmful sites. This feature is turned on by default, even before any Security Policies are applied to the device. Once you manually configure DNS Inspection Mode (turning it on or off), your settings will override the default settings from the management server. This ensures your device is protected immediately, allowing you to customize the settings later.