Configuring Cyber Shield Traffic Filtering for Blocking Threats

In order to configure Cyber Shield to act as an Intrusion Prevention System (IPS) and drop traffic transiting OpenVPN Cloud that matches certain threat signatures corresponding to different threat severity levels or threat categories, follow the steps below:

  1. Navigate to the Shield page on OpenVPN Cloud by clicking on Shield in the navigation bar
  2. On the Traffic Filtering widget, toggle the Monitoring switch to On
  3. Click the pencil icon. The Traffic Filters priority setting will be displayed. Traffic matching specific threat signatures are classified into 4 levels according to the severity of the detected threat: Critical (Level 1), High (Level 2), and Medium (Level 3). We recommend blocking Critical (Level 1) traffic which blocks threats from malware, trojans, worms, and certain intrusion activity
  4. Select threat priority levels that should be blocked. Click the Save button if done with selecting priority levels.
  5. If you want to block traffic by the category of the detected threat, then clear any priority settings and click on the Category tab. Note that blocking by either threat category or threat priority is possible not a combination of both
  6. The Traffic Filters category settings will be displayed. A single threat category can contain a mix of threats of different severity in terms of priority levels
  7. Select the threat categories to block
  8. Click the Save button