When you configure ExtraHop to auto-enforce newly found threats, they add to an Edge Domain List. Before this, you need to configure the default settings for Edge. Once saved, the following metadata is created:
To configure the default settings for Edge:
- Log in to the UI.
- Under AVAILABLE ACTIONS, click Extra Hop > Edge Policy Enforcement.
Under Configurations, configure the following:
- Edge URL
- Edge Client ID
- Edge Client Secret
- Click SAVE.
- Log into your Edge CI to continue configuring the Edge settings.
Once logged into Edge, click Policies and navigate to
the policy named RevealX Threats Blocked.
This policy by default is active for any site that’s in the site group called “RevealX Sites” and blocks all domains listed in the Domain list called “RevealX Blocked Threats”.
- Make other changes to this policy as per need.
Click Site Group. Navigate to the site group named
RevealX Sites and click Edit.
Add your sites to this site group to enforce the auto enforcement of the blocked
By default, there aren't any domains added to the Domain List. To enter domains
to this Domain List, click Domain Lists. Navigate to the
domain list named RevealX Blocked Threats and click
Edit. Add your domains to enforce the auto
enforcement of blocked domains.