Web Protection works around the clock to shield your network from all known and suspected malware types that are found in every corner of the internet. But Web Protection now monitors your network from within to ensure that any malware that’s already in your system isn’t trying to send information back to its creator. If Web Protection detects malware attempting to send out information, it will generate a Critical Threat Notification and send it to everyone in your notification list. A few of the more common questions about this feature are answered below:
Why have I received a notification?
To start, you have been notified because you were listed as a point-of-contact to receive notifications if Web Protection detects web traffic that indicates your network has been exposed to possible malware.
What exactly does it mean for my network?
Designed as an early-warning detection initiative, the notification indicates that Web Protection has identified a Botnet, Key Logger or other malicious program that is attempting to send out information from within your network. In other cases, one of the browsers on your network may have been blocked from reaching a site that contains malware. The notification will list the malicious domain, threat type and the number of times the threat has been blocked prior to the notification. This information gives you a head-start in tracking down potential weaknesses or dangerous activity on your network.
By logging DNS requests for your network, administrators can often isolate a suspected workstation or server that may have been compromised due to malware activity. For more information on enabling DNS Request logging for your Windows Server, please visit the following article:
How do I add contacts to the notification list?
Simply login to the Customer Portal as an Administrator, select the Web Protection Admin tab and then select the Notifications page and then the Critical Threats tab. From there, add a maximum of ten email addresses and up to five cell numbers to each respective list. Then select the appropriate check box to enable the notification(s) and click the Save Critical Threat Notification Information button to activate threat notifications for your account.