Applies To: ThreatSync+ NDR
ThreatSync+ NDR monitors your network for violation of your company policies and generates policy alerts to notify you about possible threats to your organization. You can enable default policies or create your own custom policies. For more information, go to About ThreatSync+ Policies and Zones.
Default Policies and Zones
ThreatSync+ NDR includes default policies and zones that you can enable and customize. For more information, go to Default Policies and Zones.
Policy Tuning
Policy tuning helps you to reduce the number of alerts for activity that does not violate your organizational policies. This means you have a smaller number of alerts to review and the alerts reflect real concerns that require action. For more information, go to Policy Tuning.
Policy Activity Filters
When you define a custom policy, you configure a source zone, a destination zone, and an activity filter. The activity filter enables you to evaluate traffic or event logs between the selected zones, triggering when the activity filter is matched. For more information about supported activity filters, go to Policy Activity Filters.