Contents

Related Topics

Botnet Site Exceptions

You can create exceptions to the Botnet Detection sites list. These entries are configured and processed as Blocked Site Exceptions. When you add a site to the exceptions list, traffic from that site is not blocked, even if it is included in the Blocked Sites list as a result of the Botnet Detection feature. Traffic from sites on the exceptions list is also not automatically blocked by features such as Default Threat Protection, and by block actions configured in a proxy policy. For more information, see Create Blocked Sites Exceptions.

You can add an exception for:

  • IP address
  • Network IP address range
  • Host IP address range
  • Host name (one time DNS lookup)
  • FQDN (includes wildcard domains).

For more information about how to use FQDN in exemptions and policies, see About Policies by Domain Name (FQDN).

To add Botnet Site Exceptions, from Fireware Web UI:Closed
  1. Select Subscription Services > Botnet Detection.
    The Botnet Detection page appears.

Screen shot of the Botnet Site Exceptions page
Botnet Site Exceptions in Fireware Web UI

  1. To add an exception, click Add.
  2. From the Choose Type drop-down list, select a method to identify the botnet site exception.
  3. In the adjacent text box, type the address for the type you selected:
    If the exception is for a host range, type the start and end IP addresses for the range of IP addresses in the exception.
    For FQDN, you can use a specific domain name, such as example.com, or use a wildcard to indicate the domain and all subdomains, such as *.example.com.
  4. (Optional) In the Description text box, type a description of the botnet site exception.
  5. Click OK.
  6. Click Save.
To add Botnet Site Exceptions, from Policy Manager:Closed
  1. Select Subscription Services > Botnet Detection.
    The Botnet Detection dialog box appears.

Screen shot of the Botnet Site Exceptions dialog box
Botnet Site Exceptions in Policy Manager

  1. Click Add to add an exception.
  2. From the Choose Type drop-down list, select a method to identify the botnet site exception.
  3. In the adjacent text box, type the address for the type you selected.
    If the exception is for a host range, type the start and end IP addresses for the range of IP addresses in the exception.
    For FQDN, you can use a specific domain name, such as example.com, or use a wildcard to indicate the domain and all subdomains, such as *.example.com.
  4. (Optional) In the Description text box, type a description of the botnet site exception.
  5. Click OK.
  6. Save the configuration to the Firebox.

See Also

About Botnet Detection

Configure Botnet Detection

Configure the Botnet Detection Update Server

Give Us Feedback     Get Support     All Product Documentation     Technical Search

© 2018 WatchGuard Technologies, Inc. All rights reserved. WatchGuard, the WatchGuard logo, WatchGuard Dimension, Firebox, Core, Fireware, and LiveSecurity are registered trademarks or trademarks of WatchGuard Technologies in the United States and/or other countries.