grid:threatprotection : The Grid threat protection object.

The Grid threat protection settings.

Object Reference

References to grid:threatprotection are object references.

The name part of the grid:threatprotection object reference has the following components:

  • The name of the Grid.
Example:
grid:threatprotection/YXRwLmNsdXN0ZXJfYXRwX3Byb3BlcnRpZXMkMA:Infoblox

Restrictions

The object does not support the following operations:

  • Create (insert)
  • Delete
  • Permissions
  • Global search (searches via the search object)
  • Scheduling
  • CSV export

The object cannot be managed on Cloud Platform members.

Fields

These fields are actual members of the object; thus, they can be requested by using _return_fields, if the fields are readable.

The basic version of the object contains the field(s): grid_name.

current_ruleset

current_ruleset

The current Grid ruleset.

Type

String.

Create

The default value is undefined.

Search

The field is not available for search.

disable_multiple_dns_tcp_request

disable_multiple_dns_tcp_request

Determines if multiple BIND responses via TCP connection are disabled.

Type

Bool.

Create

The default value is True.

Search

The field is not available for search.

enable_accel_resp_before_threat_protection

enable_accel_resp_before_threat_protection

Determines if DNS responses are sent from acceleration cache before applying Threat Protection rules. Recommended for better performance when using DNS Cache Acceleration.

Type

Bool.

Create

The default value is False.

Search

The field is not available for search.

enable_auto_download

enable_auto_download

Determines if auto download service is enabled.

Type

Bool.

Create

The default value is False.

Search

The field is not available for search.

enable_nat_rules

enable_nat_rules

Determines if NAT (Network Address Translation) mapping for threat protection is enabled or not.

Type

Bool.

Create

The default value is False.

Search

The field is not available for search.

enable_scheduled_download

enable_scheduled_download

Determines if scheduled download is enabled. The default frequency is once in every 24 hours if it is disabled.

Type

Bool.

Create

The default value is False.

Search

The field is not available for search.

events_per_second_per_rule

events_per_second_per_rule

The number of events logged per second per rule.

Type

Unsigned integer.

Create

The default value is 1.

Search

The field is not available for search.

grid_name

grid_name

The Grid name.

Type

String.

Search

The field is not available for search.

Notes

The grid_name is part of the base object.

The grid_name cannot be updated.

grid_name cannot be written.

last_checked_for_update

last_checked_for_update

The time when the Grid last checked for updates.

Type

Timestamp.

Search

The field is not available for search.

Notes

The last_checked_for_update cannot be updated.

last_checked_for_update cannot be written.

last_rule_update_timestamp

last_rule_update_timestamp

The last rule update timestamp.

Type

Timestamp.

Search

The field is not available for search.

Notes

The last_rule_update_timestamp cannot be updated.

last_rule_update_timestamp cannot be written.

last_rule_update_version

last_rule_update_version

The version of last rule update.

Type

String.

Search

The field is not available for search.

Notes

The last_rule_update_version cannot be updated.

last_rule_update_version cannot be written.

nat_rules

nat_rules

The list of NAT mapping rules for threat protection.

Type

A/An NAT Threat Protection Rule struct array.

Create

The default value is:

empty

Search

The field is not available for search.

outbound_settings

outbound_settings

Outbound settings for ATP events.

Type

A/An Outbound settings for ATP events struct.

Create

The default value is:

{ 'enable_query_fqdn': False, 'query_fqdn_limit': 2}

Search

The field is not available for search.

rule_update_policy

rule_update_policy

The update rule policy.

Type

String.

Valid values are:
  • AUTOMATIC
  • MANUAL

Create

The default value is AUTOMATIC.

Search

The field is not available for search.

scheduled_download

scheduled_download

The schedule setting for automatic rule update.

Type

A/An Schedule Setting struct.

Create

The default value is empty.

Search

The field is not available for search.

Function Calls

atp_object_reset

This function is used to invoke a factory reset on an ATP object.

This function does not support multiple object matches when called as part of an atomic insertion operation.

Input fields

atp_object ( String. ). This parameter is mandatory. The reference to object to reset. It can be a rule, ruleset, or a category.

delete_custom_rules ( Bool. ). This parameter is mandatory. Determines if custom rules will be deleted. Applicable only if atp_object is a ruleset or a category. The default value is “False”.

Output fields

None

test_atp_server_connectivity

This function is used to test the connectivity to the ATP server.

This function does not support multiple object matches when called as part of an atomic insertion operation.

Input fields

None

Output fields

error_messages ( String array. ) List of errors that occured.

overall_status ( String. Valid values are: “SUCCESS”, “FAILED” ) Overall status of the test.

Fields List

Field Type Req R/O Base Search
current_ruleset String N N N N/A
disable_multiple_dns_tcp_request Bool N N N N/A
enable_accel_resp_before_threat_protection Bool N N N N/A
enable_auto_download Bool N N N N/A
enable_nat_rules Bool N N N N/A
enable_scheduled_download Bool N N N N/A
events_per_second_per_rule Unsigned int N N N N/A
grid_name String N Y Y N/A
last_checked_for_update Timestamp N Y N N/A
last_rule_update_timestamp Timestamp N Y N N/A
last_rule_update_version String N Y N N/A
nat_rules [struct] N N N N/A
outbound_settings struct N N N N/A
rule_update_policy String N N N N/A
scheduled_download struct N N N N/A