Supported Devices

The ThreatSTOP threat intelligence Web service should work with any firewall, or other traffic management device, that can make a forwarding decision based on a DNS lookup. For systems without that native capability, it should be simple to write scripts on the management stations that update rules using lists retrieved from DNS. Below we have - as well as the generic overview - implementation details for a number of the most common firewalls.

For firewalls that we do not currently support directly, we recommend that customers deploy a software firewall (e.g. Vyatta or pfSense) in bridge mode behind the firewall. This deployment method has been used successfully by many of our customers to identify and block botted machines on their networks.

  • CheckPoint: UTM/SPLAT
  • Cisco ASA/PIX/ISR/ASR
  • Fortinet: Fortigate
  • Juniper: SRX/MX
  • Vyatta/VyOS/EdgeOS
  • Palo Alto Networks: PAN-OS
  • PF: BSD/pfSense
  • IP Tables/Linux
  • Netscreen