Configuring Advanced Threat Service - BlueCat Edge - Service Point v4.x.x

BlueCat Edge User Guide

Locale
English
Product name
BlueCat Edge
Version
Service Point v4.x.x
The advanced threat service introduces enhancements to the existing threat service by augmenting and improving the accuracy of threat detection providing the ability to tune the output of the system. Once the advanced threat service has been configured, the service point evaluates DNS queries and flags any suspicious queries. You can view queries that have been flagged using the advanced threat service by filtering queries in the DNS activity page with the Advanced DGA Threat Indicator. For more information, refer to DNS activity.
Note: The advanced threat service can only be configured on Service Point v4 instances.
  1. In the top navigation bar, click and select Service points (v4).
  2. Click the name of a service point. The service point details page appears.
  3. Click Edit.
  4. On the Edit service point page, click Advanced threat service.
  5. Under Service status, select the toggle to enable the advanced threat service.
  6. Click Save.
Note: Clicking the Save button queues the configuration task on the associated service point and does not indicate that the advances threat service has been immediately deployed. The deployment process can take a few minutes to successfully complete.