The List Management functionality within Secure60 enables administrators to maintain and enforce security policies through allow lists and trigger lists. This feature is designed to enhance the control over network access, operations, and responses based on predefined criteria.
A List is a collection of List Items (values) that can be applied as either:
Allow Lists: Allows specified entities (e.g., IP addresses, usernames, or device IDs) to access certain resources or execute specific actions without being blocked or logged as potential threats.
Trigger Lists: Specifies criteria that, when met, will trigger a Rule to fire its Actions. This is used to actively monitor for potentially harmful activities or compliance violations.
The same List can be used in either of the above scenarios. It is only the application of a List to a Rule that defines whether the List acts as an Allow List or a Trigger List.
The List functionality within Secure60 supports two specific types of lists to cater to different security needs: “TEXT” lists and “IP” lists. Below is a detailed description of each list type and how they are used within the system.
TEXT lists are designed to perform straightforward text matches against monitored data. They are useful for identifying specific strings, such as command-line arguments, filenames, or user IDs that match exactly with the entries in the list.
IP lists allow for storing ranges of IP addresses and querying to check if a specific IP address falls within one of these ranges. This is particularly useful for allowing or blocking network traffic based on geographical or organizational boundaries.
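The following sketch models the two list types and the two ways a List can be applied to a Rule. It is an added illustration, not Secure60 code: the `SecList` class, the `rule_fires` function, CIDR notation for ranges, case-sensitive TEXT matching, and the way an Allow List suppresses a Rule are all assumptions, and the sample values are constructed.

```python
import ipaddress


class SecList:
    """Illustrative model of a List (hypothetical, not the product's implementation)."""

    def __init__(self, list_type, items):
        if list_type not in ("TEXT", "IP"):
            raise ValueError("list_type must be TEXT or IP")
        self.list_type = list_type
        if list_type == "IP":
            # Assumption: ranges are given in CIDR form; a bare address is a one-host range.
            self.items = [ipaddress.ip_network(i, strict=False) for i in items]
        else:
            self.items = set(items)

    def matches(self, value):
        if self.list_type == "TEXT":
            # Exact match only: no substring, prefix, or case folding.
            return value in self.items
        try:
            addr = ipaddress.ip_address(value)
        except ValueError:
            return False  # a value that is not an IP address is never inside a range
        return any(addr.version == net.version and addr in net for net in self.items)


def rule_fires(lst, role, value, other_conditions_met=True):
    """The same list gives opposite outcomes depending on how the Rule applies it."""
    hit = lst.matches(value)
    if role == "trigger":
        return hit  # a list hit fires the Rule's Actions
    if role == "allow":
        return other_conditions_met and not hit  # a list hit suppresses the Rule
    raise ValueError("role must be 'allow' or 'trigger'")


# Constructed sample lists (documentation and private address space).
OFFICE_RANGES = SecList("IP", ["10.20.0.0/16", "192.0.2.10", "2001:db8::/32"])
SERVICE_ACCOUNTS = SecList("TEXT", ["svc-backup"])

if __name__ == "__main__":
    for ip in ("10.20.5.7", "10.21.0.1", "2001:db8::1", "not-an-ip"):
        print(ip, "allow ->", rule_fires(OFFICE_RANGES, "allow", ip),
              "| trigger ->", rule_fires(OFFICE_RANGES, "trigger", ip))
    for user in ("svc-backup", "svc-backup2", "SVC-BACKUP"):
        print(user, "in TEXT list:", SERVICE_ACCOUNTS.matches(user))
```

Under these assumptions, a near-miss such as `svc-backup2` or an address one range over (`10.21.0.1`) does not match, so an Allow List entry that is slightly wrong leaves the Rule firing and a Trigger List entry that is slightly wrong leaves it silent.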
To access the List Management functionality:
Go to the Organisation Settings menu.
Select Lists from the tab sub menu.
See the information under Rule Conditions to apply Lists to Rules.
For further assistance, contact our support team.