Back=right
mouse click.
Back=right
mouse click.
Notifications > C&C Callback Attempt Detection
Send a message
when C&C callback event is detected—Depending on what InterScan
Web Security Virtual Appliance has been configured to block, this option
can result in a large number of notification messages being sent to the
default recipient.
As an alternative to item-by-item notifications, remember that blocked
files are written to a log, and can be included in one of the IWSVA generated
reports.
Tip: Have notifications sent to a dedicated email account rather than your personal account to reduce the number of messages received. Alternatively, you may want to set up an email rule to process IWSVA messages.
Whenever InterScan Web Security Virtual Appliance detects a virus or other Internet threat in client FTP traffic—uploads and downloads—the administrator will be notified at their FTP command prompt. If the user is using an FTP client, the message is displayed using whatever method the client software provides for session text.
Click the "Send a message when C&C callback event is detected" check box to have a message sent for the specific C&C Contact Callback event.
Enter a custom message.
Change the recipient, if necessary on the Notifications Email Settings page.
Choose to send the message to the root recipient after either every incident, or after a specific risk level has been surpassed (low, medium, or high).
For the User Notification Messages:
Select Default to display the default warning message.
Select Customized to display a custom message and either type or import the customized message’s content.
You can design your own notification page using any HTML editor, then Import the page to IWSVA (for example, if you want to display company brandings, or provide a link to additional resources).
You can append a custom message to the IWSVA default by selecting both the Default and Customized options.
Click Save.