Adding a protection rule

3 July 2024

ID 171352

To add a protection rule:

  1. In the application web interface window, select one of the following sections:
    • For actions with rules of an individual workspace, in the section used for switching between workspaces, select the name of this workspace.
    • For actions with rules applied in all workspaces, select Global in the section used for switching between workspaces.

    Applicable only if you have access rights to multiple workspaces.

  2. Select the Rules section.
  3. Select the Protection tab.

    The protection rules table opens.

  4. Do one of the following:
    • If you want to add a rule to a group of rules, select the relevant group and click the Add rule the opened window.
    • If you want to add a rule outside of a group, click the Add rule button in the upper part of the window.

    The window for adding a rule opens.

  5. Select the General settings tab.
  6. In drop-down lists under Actions, select an action for each of the following parameters:
    1. Malware:
      • Block.
      • Block, disinfect if possible.
      • Skip scanning.

      The default setting is Block, disinfect if possible.

    2. Objects detected by KATA, Phishing, Malicious link, Encrypted object and Document with a macro:
      • Block.
      • Skip scanning.

      The default setting is Block.

    If the HTTP method CONNECT is used in the web resource request and the Block or Block, disinfect if possible action is defined in the rule, the connection will be terminated. The user will not be shown a block page. This is applicable to all requests that use the HTTP method CONNECT, regardless of whether this method is specified in the traffic filtering criteria.

  7. If you want to use a block page different from the default page when there is an attempt to open a forbidden resource:
    1. Select the Specify text to display on the block page check box.
    2. Type the message text.
  8. If you want to add a macro to the message text, select one of the supported macros from the Insert macro drop-down list. Type the name of the protection rule in the Rule name field.

    The name must be unique within the workspace if you are creating a workspace rule, or unique among the rules in the Global section if you are creating a rule outside of workspaces.

  9. If necessary, type a comment in the Comment field.
  10. If you want to apply a rule immediately after adding it, set the Status toggle switch to Enabled.
  11. Click Add.

The protection rule is added.

See also

Using traffic processing rules

Scenario for configuring access to web resources

Adding a bypass rule

Adding an access rule

Configuring a rule triggering initiator

Configuring traffic filtering

Adding an exclusion for a traffic processing rule

Configuring the schedule of a traffic processing rule

Modifying a traffic processing rule

Deleting a traffic processing rule

Creating a copy of a traffic processing rule

Enabling and disabling a traffic processing rule

Changing the order of applied rules

Working with traffic processing rule groups

Configuring a default protection policy

Monitoring traffic processing rules

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.