Configure APT Blocker Advanced Settings

By default, the Firebox sends APT Blocker requests to the nearest cloud-based server. In the APT Blocker Advanced settings you can configure APT Blocker to send requests to a server in a specific region, or to send requests to a local on-premise server.

In Fireware v12.7 and higher, you can also choose whether to submit PDF files for analysis and configure an HTTP proxy server to connect to the APT Blocker server.

To configure advanced APT Blocker settings, see these sections:

Submit PDF Files for Analysis

In Fireware v12.7 and higher, you can specify whether APT Blocker submits unrecognized PDF files to the data center for analysis. This gives you more granular control to address privacy concerns related to personal information in PDFs. By default, the Submit PDF files to the data center for analysis check box is not selected and APT Blocker does not send unrecognized PDFs for analysis.

In Fireware versions lower than v12.7, APT Blocker always submits unrecognized PDF files to the data center for analysis.

APT Blocker always submits the MD5 hash of PDF files to the data center and takes the specified action if the file matches any known threats.

Set the APT Blocker Server Region

By default, APT Blocker sends APT Blocker requests to the nearest cloud-based server. You can also configure APT Blocker to always send requests to a server in a specific region.

Enable a Local On-Premises Server

In large enterprise networks, some organizations use a local on-premises server instead of cloud services for security and data privacy purposes. You can configure APT Blocker to send requests to a local on-premises server, if you have one installed on your network.

The on-premises server is available as a physical appliance, installation media, or VMware image. For more information, or to order an on-premises server, see https://www.lastline.com/contact.

To find your license key and API token information, see the information sent to you with your on-premises server product.

When you use a on-premises server, you must also import a self-signed CA certificate to the Firebox.

To import the certificate:

  1. Download the certificate from https://update.lastline.com/updates/distros/lastline-ca.crt.
  2. Complete the process to import the certificate to the Firebox, as described in:
  3. When you specify the Certificate Function option, select IPSec, Web Server, Other.

Enable an HTTP Proxy Server

If you want APT Blocker to use an HTTP proxy server to connect to the APT Blocker server through the Internet, you must configure the HTTP proxy server settings. You can configure a HTTP proxy server in Fireware v12.7 and higher.

See Also

About APT Blocker

Configure APT Blocker