Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
LostBoY
Advisor

Threat policy on internal traffic

Jump to solution

Hello,

Does threat policy which has ips,antobot and antivirus blades apply to exterbal traffic only or internal traffic also ?

Does it apply to both internal and external traffic automatically aur any configuration is requires

 

Thanks

0 Kudos
2 Solutions

Accepted Solutions
PhoneBoy
Admin
Admin
Your precise threat policy determines what protections are applied when.
Anti-Bot in general only applies to the Internet as that’s where the related threats are.
IPS and AV can potentially apply to internal traffic also.

View solution in original post

You need to have topology properly defined and then in profile's AV settings there is an option to choose which traffic to inspect. 

View solution in original post

5 Replies
PhoneBoy
Admin
Admin
Your precise threat policy determines what protections are applied when.
Anti-Bot in general only applies to the Internet as that’s where the related threats are.
IPS and AV can potentially apply to internal traffic also.

View solution in original post

LostBoY
Advisor
Thanks for the reply...i found the section in AV tab where i can define whether i want to inspect AV on DMZ/External or all interfaces.. however i cant see any such setting for IPS ..is it implied that IPS automatically inspects all interface traffic ?
0 Kudos
PhoneBoy
Admin
Admin
This should happen for IPS unless your precise Threat Prevention policy layer(s) say otherwise.

You need to have topology properly defined and then in profile's AV settings there is an option to choose which traffic to inspect. 

View solution in original post

LostBoY
Advisor
Thanks for the reply... i found that section in the AV section ..however can i enable such setting for IPS as well ?
0 Kudos