Shield

Cyber Shield Domain Filtering Category Groups and Categories

This document lists the eight domain filtering content category groups and the related content categories within each category group. The category groups are: Malicious Adult Content Aggressive Content Alcohol / Tobacco / Illegal Drugs Hacking and Cracking Bandwidth Consuming Gambling and Games Time Stealer For each category group, information is provided in a table as […]

Internet Access Settings and Security Levels

Traffic to private resources on your connected networks always traverse the tunnel to OpenVPN Cloud but there are different ways that you can control the traffic destined to the internet. Split Tunnel ON: If you want to steer traffic to certain internet destinations within the tunnel for additional protection and to use login restriction policies […]

Configuring Cyber Shield Traffic Filtering for Blocking Threats

In order to configure Cyber Shield to act as an Intrusion Prevention System (IPS) and drop traffic transiting OpenVPN Cloud that matches certain threat signatures corresponding to different threat severity levels or threat categories, follow the steps below: Navigate to the Shield page on OpenVPN Cloud by clicking on Shield in the navigation bar On […]

Configuring Cyber Shield Traffic Filtering for Monitoring Threats

In order to configure Cyber Shield to act as an Intrusion Detection System (IDS) and start monitoring the traffic transiting OpenVPN Cloud for reporting on the encountered types of malicious traffic and policy violations, follow the steps below: Navigate to the Cyber Shield page on OpenVPN Cloud by clicking on Shield in the navigation bar. […]

Cyber Shield - Blocked Threat Traffic Trend Analysis

In order to analyze Blocked Traffic data, follow the steps below: On the Cyber Shield page, click on the Timeframe Metrics widget. Next, click on the Blocked Traffic tab. By default, the Blocked Traffic events of your users over the last 24 hours will be displayed. Notice that under the bar chart, the Classification Data […]

Cyber Shield - Observed Threat Traffic Trend Analysis

In order to analyze Observed Traffic data, follow the steps below: On the Cyber Shield page, click on the Timeframe Metrics widget. Next, click on the Observed Traffic tab. By default, the Observed Traffic events of your users over the last 24 hours will be displayed. Notice that under the bar chart, the Classification Data […]

Ensuring that specific domains are always accessible using the Allow List

Overview The Allow List is a feature of Cyber Shield Domain Filtering. The Allow List enables you to override domain blocking. You can specify a list of domains that can be accessed even if they are present in a selected blocked domain category or are on the Block List. Note: If you are using both […]

Creating a custom domain filtering category using the Block List

Overview The Block List is a feature of Cyber Shield Domain Filtering. The Block List enables you to block a defined list of domains, which results in a custom domain filtering category. You can add domains to the Block List either individually or in batch using a text (.txt) file. Just as you can disable […]

Running a detailed report for monitored or blocked domains

Overview The domain detailed report is a feature of Cyber Shield Domains Filtering. The report provides information about any monitored and blocked domains for the previous five-day period. Generated reports are in CSV format and emailed to the signed-in Administrator. The Top 10 Dashboard provides a link you can use to email a report of […]

Interaction between blocked and allowed domain names

A domain name consists of multiple levels, where a dot (.) separates each level. Consider the ‘OpenVPN Cloud ’ domain name: .com is the top-level domain (TLD) .openvpn is the second-level domain cloud is the third-level or sub-domain The domain name matching logic checks domain names from right to left, starting from the TLD. Therefore, […]

Cyber Shield - Observed Domains Trend Analysis

You must configure your OpenVPN Cloud Shield Domain Filtering to enable monitoring.

Cyber Shield Top-10 Dashboard

You must configure your OpenVPN Cloud Shield Domain Filtering to enable monitoring, and you can also choose to block specific content categories. The top-10 dashboard data displays the top recorded events for those categories that are monitored and blocked.

Cyber Shield Drill-Down Investigation

You must configure your OpenVPN Cloud Shield Domain Filtering to block specific domain categories before setting up a drill-down investigation.

Cyber Shield Investigation Report

You must configure OpenVPN Cloud Shield Domain Filtering to monitor or block specific content categories before setting up an investigation report.

Configuring Cyber Shield Domain Filtering

OpenVPN Cloud Shield analyzes the domain names in DNS queries received from VPN clients only when domain filter monitoring is turned on. When monitoring is active, Shield checks which content category each domain name being queried belongs in. If a domain name is matched to a category that is configured to be blocked, the domain name is not resolved.