Security categories

The Security tab in a policy toggles threat-focused blocking. Unlike the content categories (which manage what users are allowed to access), security categories block known malicious infrastructure. Most production policies enable all of them.

Category	What it blocks
Adware	Software that displays unwanted advertisements to generate revenue. May appear as banners or pop-ups during install. Tracks personal information that can be sold to third parties.
Infected Hosts	Compromised hosts that act as distribution points for malicious software or are used in DDoS attacks.
Malicious Scripts	Domains hosting obfuscated or hidden JavaScript that can modify a user’s system and compromise security.
Malware	Domains hosting general malware: ransomware, keyloggers, worms, trojans, spyware. Also blocks known ransomware command-and-control (C2) domains.
Phishing	Known or suspected phishing domains, financial fraud, credential theft, identity theft.
Viruses	Domains associated with known computer viruses.

[!TIP] The Security categories are independent of Content and Applications. A typical baseline policy turns on every Security category by default, while Content and Applications are tuned per audience.

Working with policies, where to toggle these in the policy editor
Content categories
Application categories
Working with allow and block lists, overriding a security category for a false-positive domain

Content Filtering

Threat Protection

Device Protection

Network Visibility

About Us

FAQ

Contact

DNS Library

Blog

Videos

Documentation

Tools