Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Configure threat feeds

Active threat response consists of MDR threat feeds and Sophos X-Ops threat feeds.

You can configure some or all of these modules to allow the firewall to block traffic related to IP addresses, domains, and URLs involved in malicious activity. See Active threat response.

You can also configure source and destination exclusions.

Threat feeds

Exclusions

When you exclude a source or destination from Active threat response scanning, the firewall doesn't match the traffic with the threat feeds.