Configuring Edge default settings - Adaptive Plugins - BlueCat Gateway - 20.3.0

ExtraHop Administration Guide

Locale
English
Product name
BlueCat Gateway
Version
20.3.0

When you configure ExtraHop to auto-enforce newly found threats, they add to an Edge Domain List. Before this, you need to configure the default settings for Edge. Once saved, the following metadata is created:

To configure the default settings for Edge:

  1. Log in to the UI.
  2. Under AVAILABLE ACTIONS, click Extra Hop > Edge Policy Enforcement.
  3. Under Configurations, configure the following:
    1. Edge URL
    2. Edge Client ID
    3. Edge Client Secret
  4. Click SAVE.
  5. Log into your Edge CI to continue configuring the Edge settings.
  6. Once logged into Edge, click Policies and navigate to the policy named RevealX Threats Blocked.
    This policy by default is active for any site that’s in the site group called “RevealX Sites” and blocks all domains listed in the Domain list called “RevealX Blocked Threats”.
  7. Make other changes to this policy as per need.
  8. Click Site Group. Navigate to the site group named RevealX Sites and click Edit. Add your sites to this site group to enforce the auto enforcement of the blocked domains.
  9. By default, there aren't any domains added to the Domain List. To enter domains to this Domain List, click Domain Lists. Navigate to the domain list named RevealX Blocked Threats and click Edit. Add your domains to enforce the auto enforcement of blocked domains.