Add a custom response
From the Custom Responses page, you can add
a custom response configuration. A custom response is a device or machine that receives
known or suspicious traffic.
You can assign a custom response to a threat category and a list in a policy as part of a Block action. When configuring a custom response, you enter the IP address information of the machine that you plan to use.
You must be an Enterprise Threat Protector (ETP) super administrator to perform this task.
Note: In addition to creating a custom
response, ETP allows you to download Enterprise Security Connector, software that
you can deploy as a virtual machine in your network to receive malicious traffic and
identify machines that are infected with malware. Security Connector records
information about the machine that made the request and unlike a custom response,
communicates this information to ETP. For more information
see Security Connector as a DNS sinkhole.