Enable dynamic malware analysis
To set up ETP Proxy, you must create and distribute a certificate to devices and TLS clients in your network. For more information, see ETP Proxy as a TLS intermediary.
Before you begin
Complete this procedure to enable dynamic malware analysis. Dynamic malware analysis allows you scans files that are up to 64 MB in size in a secure sandbox environment.
To enable this feature, your organization must be licensed for the Advanced Sandbox module. For more information, contact your Akamai representative.
In the navigation menu, select
.Note: If you are trying the new Enterprise Center interface, in the navigation menu, select .
If you are adding a new policy:
- On the Policies page, click the plus sign icon.
- Enter a name and description for the policy in the Name and Description field.
To configure a policy
with settings from a predefined template, select one of these templates
and click Continue:
- Strict. Contains settings that block known and most suspected threat categories. Select this template to apply settings that are a best practice for a policy.
- Monitor-only. Logs and reports threats but it does not block them. This template is ideal for testing or assessing policy impact before using the Strict template. This template assigns the monitor policy action to all known and suspected threat categories.
- Custom. Lets you define policy actions for known and suspected threats.
- To assign a location, click the link icon, select a location or multiple locations, and click Associate.
- If you are modifying a policy, click the name of the policy that you want to edit or click the edit icon that appears when you hover over the policy.
- Click the Settings tab.
- In the Proxy Settings area, toggle Enable Proxy to on.
If you enabled the proxy, toggle
Enable Inline Payload Analysis to on. If your
organization is licensed for Advanced Sandbox, complete these steps to define
how large, risky files are handled:
- For downloads that range from 5 MB to 2 GB in size (large files), select the Allow and Scan action.
- Toggle Dynamic Analysis to on.
- In the Threat tab, select policy actions for threat categories. For more information on policy actions, see Policy actions.
- To assign a list to a policy, see Add a list to a policy.
- In the Acceptable Use Policy tab, select the block action to block websites in any of these categories. To allow websites or content in these categories, make sure the block action is not selected.
- Click Save.
Deploy the policy to the ETP network. For instructions, see Deploy configuration changes.