Define Action options for the Apply Blacklist action in Access rules
The options for the Apply Blacklist action in Access rules affect the reception of blacklist entries on engines.
For more details about the product and how to configure features, click Help or press F1.
Steps
- Right-click the Action cell in an IPv4 Access rule and select Apply Blacklist.
- Double-click the Action cell.
- Set the options, then click OK.
Select Rule Action Options dialog box (Apply Blacklist)
Use this dialog box to override and specify the options for the Apply Blacklist action.
| Option | Definition |
|---|---|
| Inspection tab | |
| Scan Detection | Defines whether scan detection is applied to traffic that matches the rule.
|
| Option | Definition |
|---|---|
| Blacklisting tab | |
| Allowed Blacklisters for This Rule |
Any — Blacklist entries are accepted from all components. Restricted — Blacklist entries are only accepted from the components you specify (and from the engine command line). NGFW Engines are always allowed to add entries to their own blacklists. |
| Available Blacklisters | Elements that you can add to the Allowed Blacklisters list. |
| Allowed Blacklisters |
The elements that are allowed to add blacklist entries. Click Add to add an element to the list, or Remove to remove the selected element. Add the Management Server to allow manual blacklisting through the Management Clients. Add the Log Server to allow it to relay blacklisting requests from other NGFW Engines. |
| Option | Definition |
|---|---|
| Response tab | |
| Override Settings Inherited from Continue Rule(s) | When selected, activates the settings and overrides the settings defined in Continue rules higher up in the policy. |
|
User Response
(HTTP only) |
Specifies the automatic response that is shown to the end user when a connection is discarded. Click Select to select an element. You can use the default response or create a custom response. User Responses are not supported on Virtual NGFW Engines. |