Core Configuration
Protection
Protection Overview
4 min
overview the protection section is the central command center for your network security here, you define the logic that determines which websites are accessible, which threats are blocked, and how specific exceptions are handled to access this section, navigate to protection in the main sidebar the menu is divided into three key areas policies the core security profiles policies are the heart of your filtering system a policy is a container that bundles all your filtering rules (malware, content, geoblocking, etc ) into a single object instead of configuring every network individually, you create a policy (e g , "guest wi fi" or "office staff") and assign it to as many networks as needed standard policies fully customizable profiles where you control every security layer restricted policies locked down profiles with pre set security rules, ideal for strict compliance learn how to create, configure, and assign security profiles docid\ ytrytsh3od3lc 34gvaz1 exceptions the allow & block lists while policies handle broad categories (like "block social media" or "block malware"), exceptions handle specific domain names use this section to create granular overrides that supersede your policy rules allow list (whitelist) ensure a specific domain (e g , partner company com) is always accessible, even if its category is blocked block list (blacklist) block a specific domain (e g , distracting game com) even if its category is allowed learn how to manage global and policy spcific allow/block lists docid\ pcuawlburltzdmajpz y5 templates reusable configurations located in the sidebar under exceptions, templates allow you to save sets of settings to be reused across multiple policies or organizations this is particularly useful for msps or large organizations that need to deploy standard configurations quickly how the protection flow works to secure a network, follow this logical workflow create a policy define your rules for malware, content, and applications assign the policy apply this profile to your desired networks or groups manage exceptions if a legitimate site is blocked (or a bad site gets through), add it to the exceptions list to fine tune the filter without changing the entire policy
