Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
David_Levine
Contributor

SBA Zero Phishing - Creating Exception

Hi All,

Is it possible to create an exception for sites in the Zero Phishing policy? Or does it also use the exceptions defined for extraction and emulation?

Thanks,

~D

Labels (1)
0 Kudos
3 Replies
MikeB
Advisor

Hi David,

As far as you can see in the Admin Guides, the only way is through the exceptions defined for TE and TX.

It would be great if someone at check point could tell if there's any other way on the roadmap.

image.png

0 Kudos
David_Levine
Contributor

I was just testing and it appears that the exceptions defined in the dialog to "Exclude the following items from Extraction and Emulation" do not apply the Zero Phishing. So, yes - would be great to know if this is something that is being considered or if it is on the roadmap...

Thanks,

0 Kudos
MikeB
Advisor

YES!. You should be able to apply exclusions for Zero-Phishing through these exceptions. I was able to make them work with R80.20 and endpoint E83.10. 

If you download the event registry (.txt file) from the SBA Extension you should be able to find the following section at the beginning "excluded_domains:[ XXXXX]". These would be the domains that are configured in the exclusion rule and apply to both TE / TX / Zero-Phishing.

image.png

 

0 Kudos