McAfee Web Gateway (Skyhigh Secure Web Gateway) DBL Configuration Guide

The DBL provides a maximum of 80,000 listings. This limit may be updated without notice.

Submit a ticket

To continue with this configuration guide you must first submit a ticket via the Samurai MDR application. Add the following information within your request:

Ticket fieldInformation
TitleDBL Onboarding Request for McAfee Gateway device(s)
DescriptionAdd hostname and IP address (internet facing) of your McAfee Gateway(s). For example: mysecureproxy1.acme.org, 19.16*.2*.2 If enrolling multiple gateways please add the information on individual lines.*

Submit the ticket and you will hear back from us with additional information (e.g DBL URL’s) to continue with the configuration below.

Connection Requirements

You will need to ensure your Secure Web Gateway can reach a specific URL to obtain the DBL. This information will be provided to you once subscribed.

ParameterNote
Connection PortTCP / 80
URL DBLNTT will provide a unique URL to you to download the DBL URL list
IP DBLNTT will provide a unique URL to you to download the DBL IP list

Table 1: Connections requirements

From your Secure Web Gateway:

Configure the External Lists Module

Follow the steps outlined within the Skyhigh Security documentation:

Use the following parameters when completing the steps:

Field NameParameter
NameWhatever you want, however we suggest NTT_DBL
Data Source TypeWeb Service
Web service’s URLURL will be provided to you upon enablement of the add-on
Advanced Parameters - Maximum number of entries to fetch100000
Advanced Parameters - Maximum size of data fetch in kb100000

Table 2: External Lists Module

Tip: To find out more information about External Lists refer to Skyhigh Security documentation About External Lists

Create a Rule

Follow the steps outlined within the Skyhigh Security documentation:

You need to configure a rule that denies access if the URL requested by the client matches the external list previously created.

Use the following parameters when completing the steps:

Field NameParameter
Rule NameWhatever you want, however we suggest ‘Block URLS that match the NTT DBL’
Enable RuleSelected
Rule Criteria/Apply this ruleIf the following criteria is matched
Rule Criteria TypeURL/Host criteria
FilterURL
Selected Operatoris in list
Compare withExtLists, StringList (String, String, String)
SettingsSelect your external list created in Configure the External Lists Module
Parameters Property “Exlists.String”1. Placeholder ${0} Data (String)
ActionBlock
SettingsURL Blocked

Table 3: Rule creation

Our Dynamic Block List (DBL) configuration guide was accurate at the time of writing but vendors change things frequently! If you find errors or anything is outdated, let us know by *raising a ticket in the Samurai MDR portal and we shall get it updated.