Assign security connectors to a policy
An Enterprise Threat Protector administrator creates a policy to define how their company handles
known or suspected threats, as well as violations of an acceptable use policy.
To direct malicious traffic to the security connector when it’s used as a DNS sinkhole, in a policy configuration, select the Block policy action and the Error Page response. You can then assign Security Connector to a category or list.
As a best practice, assign a security connector to the malware and command and control (C&C) categories. A C&C threat indicates that a user’s machine is already compromised by the time it’s detected. To clean compromised machines, you can use Security Connector to identify infected machines and get the information you need for remediation.
How to
Next steps
- Deploy the configuration changes to the ETP network. For instructions see the Deploy Configuration Changes help topic.
- Test the security connector
- Add email addresses for Security Connector upgrade notifications