Integrate file reputation services and sandboxes
Integrating Forcepoint NGFW with file reputation services and sandboxes improves the malware detection coverage of Forcepoint NGFW when you use file filtering.
Engine Editor > Add-Ons > File Reputation
Use this branch to enable file reputation services for file filtering.
Option | Definition |
---|---|
File Reputation Service | Select the file reputation service to use.
|
Option | Definition |
---|---|
When File Reputation Service is Threat Intelligence Exchange (TIE) | |
ePO Server | Shows the selected McAfee ePO Server element. The McAfee ePO server handles the request for DXL credentials initiated by the SMC. Click Select to select an element. |
DXL Certificates | Shows the currently valid DXL certificates. |
Generate DXL Certificates | Generates new certificates. |
Option | Definition |
---|---|
When File Reputation Service is Global Threat Intelligence (GTI) | |
HTTP Proxies
(Optional) |
When specified, requests are sent through an HTTP proxy instead of the engine accessing the external network directly. Click Add to add an element to the list, or Remove to remove the selected element. Note: You can only use one HTTP proxy for the connection to the McAfee Global Threat Intelligence file reputation service. If you select more than
one HTTP proxy, the additional HTTP proxies are ignored.
|
Engine Editor > Add-Ons > Sandbox
Use this branch to select and configure sandbox servers for NGFW Engines.
Option | Definition |
---|---|
Sandbox Type | Specifies which type of sandbox the NGFW Engine uses for sandbox file reputation scans.
|
Option | Definition |
---|---|
When Sandbox Type is Cloud Sandbox - Forcepoint Advanced Malware Detection | |
License Key | The license key for the connection to the sandbox server. Note: The license defines the home data center where files are analyzed. Enter the key and
license token for the data center that you want to use as the home data center.
CAUTION: The license key and license token allow access to
confidential analysis reports. Handle the license key and license token securely.
|
License Token | The license token for the connection to the sandbox server. |
Sandbox Service | Specifies the sandbox service that the firewall contacts to request file reputation scans. Click Select to select an element. |
HTTP Proxies (Optional) |
When specified, requests are sent through an HTTP proxy instead of the engine accessing the external network directly. Add — Allows you to add an HTTP Proxy to the list. Remove — Removes the selected HTTP Proxy from the list. |
Option | Definition |
---|---|
When Sandbox Type is Local Sandbox - Forcepoint Advanced Malware Detection | |
License Key | The license key for the connection to the sandbox server. |
License Token | The license token for the connection to the sandbox server. |
Sandbox Service | Specifies the sandbox service that the firewall contacts to request file reputation scans. Click Select to select an element. |
HTTP Proxies (Optional) |
When specified, requests are sent through an HTTP proxy instead of the engine accessing the external network directly. Add — Allows you to add an HTTP Proxy to the list. Remove — Removes the selected HTTP Proxy from the list. |