Add a custom response

From the Custom Responses page, you can add a custom response configuration. A custom response is a device or machine that receives known or suspicious traffic.

You can assign a custom response to a threat category and a list in a policy as part of a Block action. When configuring a custom response, you enter the IP address information of the machine that you plan to use.

You must be an Enterprise Threat Protector (ETP) super administrator to perform this task.

Note: In addition to creating a custom response, ETP allows you to download Enterprise Security Connector, software that you can deploy as a virtual machine in your network to receive malicious traffic and identify machines that are infected with malware. Security Connector records information about the machine that made the request and unlike a custom response, communicates this information to ETP. For more information see Security Connector as a DNS sinkhole.

How to

  1. In the navigation menu, select Configuration > Utilities. Click the Custom Responses tab.
    Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Policies > Custom Responses.
  2. Click the plus sign icon. The Add Custom Response dialog appears.
  3. In the Name field, enter a name for the custom response.
  4. In the Description field, enter a description.
  5. In the IP V4 and IP V6 fields, enter the IP address information for the custom response device or machine.
  6. Click Save.