Notifications > C&C Callback Attempt Detection
Administrator Notification
Send a message when C&C callback event is detected—Depending on what InterScan Web
Security Virtual Appliance has been configured to block, this option can result in
a large number of notification messages being sent to the default recipient.
As an alternative to item-by-item notifications, remember that blocked files are
written to a log, and can be included in one of the IWSVA generated reports.
 |
Tip
Have notifications sent to a dedicated email account rather than your personal account
to reduce the number of messages received. Alternatively, you may want to set up an
email rule to process IWSVA messages.
|
User Notification Message
Whenever InterScan Web Security Virtual Appliance detects a virus or other Internet
threat in client FTP traffic—uploads and downloads—the administrator will be notified
at their FTP command prompt. If the user is using an FTP client, the message is displayed
using whatever method the client software provides for session text.
To set up C&C Contact Callback notifications:
-
Click the "Send a message when C&C callback event is detected" check box to have a message sent for the specific C&C Contact Callback event.
-
Enter a custom message.
-
-
Choose to send the message to the root recipient after either every incident, or after
a specific risk level has been surpassed (low, medium, or high).
-
For the User Notification Messages:
-
Select Default to display the default warning message.
-
Select Customized to display a custom message and either type or import the customized
message’s content.
-
You can design your own notification page using any HTML editor, then Import the page
to IWSVA (for example, if you want to display company brandings, or provide a link
to additional resources).
-
You can append a custom message to the IWSVA default by selecting both the Default
and Customized options.
-
Click Save.
