Defining Entities that are Trusted by Anti-Bot

By default, the Anti-BotClosed Check Point Software Blade on a Security Gateway that blocks botnet behavior and communication to Command and Control (C&C) centers. Acronyms: AB, ABOT. component inspects all domains.

You can configure trusted entities, which will not be inspected by the Anti-Bot component. These are called Detection Exclusions.

To configure detection exclusions:

  1. In the Properties of the Detection Exclusions Action, select an option from the Select action drop-down menu.

    To create a new action profile, click New, and in the window that opens enter the name and the description.

  2. Click OK.

  3. Select Allow detection exclusions for following trusted entities.

  4. Click Add exclusion.

  5. In the window that opens, select the Object Type.

    Click OK.

    Enter the name of the new exclusion:

    • Process - Name of an executable

    • URL - Website URL

    • Domain - Full domain name

    • Protection Name - Predefined malware signature

    • IP Range - Internal or External IP addresses

  6. Click OK.

  7. Click OK.