Internet Threat Protection (ITP) Policies

  • Updated on May 31, 2024
  • 5 minutes to read
  • Contributors

Overview

SonicWall Cloud Secure Edge (CSE) Internet Threat Protection (ITP) capability is designed to protect end-users from malicious websites, ransomware, or phishing attacks by examining internet traffic. CSE’s ITP can also be used to enforce acceptable use policies (AUPs) by blocking specific categories of websites (such Gambling, Drugs, Adult Content, etc).

The section below provides an overview of the core concepts used in ITP policies. To create and manage ITP policies, refer to our article on managing ITP policies.

Concepts

Threats

Threats represent categories of domains containing content that is potentially harmful to a device. These categories of domains are devised by government agencies and third-party partnerships with CSE. Threat categorization is best effort.

Threats displayed are not confined to traditional threats, such as malware and phishing; some threats designated include sites that could circumvent CSE’s ITP policies (e.g., proxy and VPN domains or translation services domains). CSE actively evaluates the dates of domain registration to determine whether the domain can be classified as “new” (i.e., less than 30 days old) or “very new” (i.e., less than 24 hours old), since these domains have higher chances of being malicious.

Content Categories

A content category is a type of functionality that a particular domain offers (e.g., news sites, gambling sites, dating sites, etc.). CSE categorizes these domains, and content categorization is best effort.

Currently, CSE has a number of granular categories for use. CSE also consistently evaluates whether more of such categories need to be added. Domains that are not recognized within any existing category are further evaluated for categorization.

Assignment

ITP Policies need to be specifically assigned to users and devices you need to protect; assignment is done via CSE Roles. When you assign an ITP policy to a user and device, the CSE app will automatically start enforcing your policy.