Configure Network Blocking in FireCloud

Applies To: FireCloud Internet Access This topic applies to accounts with a FireCloud Internet Access license.

FireCloud is a beta product that is only available to participants in the WatchGuard FireCloud Beta program. To try FireCloud Internet Access, join the WatchGuard Beta test community.

In FireCloud, you can enable and configure network blocking with these security services:

• Enable Botnet Detection in FireCloud
• Configure Intrusion Prevention Service in FireCloud

You can enable these security services globally, but you cannot enable or disable Intrusion Prevention Service or Botnet Detection at the access rule level.

You can also manually block ports and sites. For more information, go to Add Blocked Sites and Blocked Ports.

Enable Botnet Detection in FireCloud

A botnet consists of a large number of malware-infected client computers that a remote server controls and uses to perform malicious acts. The Botnet Detection security service adds a list of known botnet site IP addresses to the FireCloud Blocked Sites List, which enables FireCloud to block traffic to and from these sites at the packet level.

To enable Botnet Detection in FireCloud, from WatchGuard Cloud:

1. Select Configure > FireCloud.
2. Click the Network Blocking tile.
   The Network Blocking page opens.
3. Enable Botnet Detection.
4. To save your configuration changes, click Save.

Configure Intrusion Prevention Service in FireCloud

Intrusion Prevention Service (IPS) uses signatures to provide real-time protection against network attacks, including spyware, SQL injections, cross-site scripting, and buffer overflows. You can specify the action IPS takes when it detects a threat, as well as the scan mode to use.

IPS automatically uses the latest signatures when you enable it.

To configure Intrusion Prevention Service in FireCloud, from WatchGuard Cloud:

1. Select Configure > FireCloud.
2. Click the Network Blocking tile.
   The Network Blocking page opens.
3. Enable Intrusion Prevention Service.
4. In the Action column, select the Drop check box for each security threat level you want to drop connections for. There are five security threat levels, from highest to lowest:
• Critical
• High
• Medium
• Low
• Info
5. To save your configuration changes, click Save.

Related Topics

Network Blocking in FireCloud

Add Blocked Sites and Blocked Ports in FireCloud

About Botnet Detection (Fireware Help)

About Intrusion Prevention Service (Fireware Help)