Let's configure ETP for your enterprise

Complete these steps to set up Enterprise Threat Protector (ETP).

How to

  1. Configure enterprise locations. For more information, see Create a location.

    A location is a public IP address or a named collection of public IP addresses that belong to a region or geographic area in your network, such as a CIDR block for an office branch or company headquarters.

  2. Configure policies and assign a policy to a location. For more information, see Create a policy.

    Policies define the security actions that are taken for known or suspected security threats. You assign a policy to a location.

  3. Enable ETP Proxy to protect your network from malicious HTTP or HTTPS traffic. ETP Proxy acts as a man-in-the-middle (MITM) to intercept and inspect the full URL in a request. A MITM certificate authority (CA) certificate is required for the configuration of the proxy. For more information, see Enterprise Threat Protector Proxy and ETP Proxy as a TLS intermediary.

    You can also configure ETP Proxy to scan all web traffic. For more information, see Full web proxy.

  4. If needed, configure custom lists.

    Custom lists allow you to define known or suspected malware domains or IP addresses.

    For more information, see Custom lists.
  5. Deploy configuration changes.

    After setting up locations, policies, and any associated lists, you must deploy the changes to the ETP network. For more information, see Deploy configuration changes.

  6. Forward requests from local DNS servers to ETP. For more information, see DNS forwarding.
  7. Configure the enterprise firewall to allow or block specific domains and ports. For more information, see Configure your enterprise firewall.
  8. If you want to direct suspicious traffic to a virtual appliance and identify machines in your network that are infected with malware or are making requests to malicious domains, deploy Enterprise Security Connector. The security connector collects information and sends it to ETP, where it is correlated with threat events. For more information, see Security Connector as a DNS sinkhole.
  9. If you want to protect end-user machines that are on or off the corporate network, install ETP Client on corporate laptops. Regardless of network conditions, the client allows you to apply ETP policy to DNS requests. You can also configure ETP Client to forward web traffic to ETP Proxy. For more information, see ETP Client.