What can I do here?
Use this window to set the IP address for the Malware DNS trap.
Getting Here - Security Policies > Threat Prevention > Policy > Threat Tools > Profiles > Profile > Advanced > Malware DNS Trap |
The Malware DNS trap works by configuring the Security Gateway to return a false (bogus) IP address for known malicious hosts and domains. You can use the Security Gateways external IP address as the DNS trap address but:
You can also add internal DNS servers to better identify the origin of malicious DNS requests.
Using the Malware DNS Trap you can detect compromised clients by checking logs with connection attempts to the false IP address.
At the Security Gateway level, you can configure the DNS Trap according to the profile settings or as a specific IP address for all profiles on the specific gateway.
To set the Malware DNS Trap parameters for the profile:
The Profiles page opens.
To set the Malware DNS Trap parameters for a gateway:
The gateway window opens and shows the General Properties page.