ThreatSTOP Documentation Hub

This website contains all documentation related to the installation and configuration of ThreatSTOP.

• Platform
  • Overview
  • Supported Devices
• Admin Portal
  • Introduction
  • Account Management
  • Guided setup: Guided Setup
  • Configuration: Policy editor, RPZ Behaviors, User-Defined Lists, Devices
  • Reporting: IP Devices, DNS Devices, Roaming Devices, Email Reports, Alerts, Customer Networks, SIEM Integration
  • Threat Intelligence: Check IOC
• ThreatSTOP IP Defense devices
  • A10 ADC and TPS Automated configuration (recommended) or Manual configuration
  • Bandura Platform
  • Check Point R80 Automated configuration (recommended) or Manual configuration
  • Cisco ASA via SSHAutomated configuration (recommended) or Manual configuration
  • Cisco ASA via REST API (BETA)Automated configuration or Manual configuration
  • Cisco Firepower Automated configuration (recommended) or Manual configuration
  • Cisco ISR Automated configuration (recommended) or Manual configuration
  • Fortinet Fortigate Automated configuration (recommended) or Manual configuration
  • IPTables on Azure
  • IPTables on Ubuntu Linux
  • Juniper SRX/MX/EX
  • Automated configuration Juniper SRX/MX/EX
  • Juniper (Address Book/Security Zones API)
  • Packet Capture (PCAP, tcpdump, Wireshark…)
  • Palo Alto Networks Automated configuration (recommended), TSCM version, or HTTP version
  • PF on FreeBSD and OpenBSD
  • pfSense (On-Device Web Automation) (recommended), pfSense (On-Device CLI)
  • Brocade Vyatta (On-Device Web Automation)
  • Brocade Vyatta (On-Device CLI)
  • Ubiquiti EdgeOS (On-Device Web Automation)
  • Ubiquiti EdgeOS (On-Device CLI)
  • VyOS (On-Device Web Automation)
  • VyOS (On-Device CLI)
• ThreatSTOP DNS Defense Cloud
  • Cloud-based Protective DNS hosted by ThreatSTOP
• ThreatSTOP DNS Defense devices (on-premise Protective DNS)
  • Automated configuration BIND on TSCM
  • Amazon Elastic Cloud Service (ECS)
  • Azure Kubernetes Service (AKS)
  • BIND on Azure
  • BIND on Netgate pfSense
  • BIND on Red Hat Linux
  • BIND on Ubuntu Linux
  • BIND on TSCM
  • Docker DNS Firewall Container
  • Google Kubernetes Engine (GKE)
  • F5 BIG-IP/IQ (F5 RPZ)
  • F5® Big IP/IQ® (Bind RPZ)
  • F5® Big IP/IQ® (DNS Cache)
  • Infoblox NIOS
  • Kubernetes DNS Firewall
  • Microsoft Server 2016/2019 DNS Server
  • Nokia Vital QIP
• ThreatSTOP Roaming Defense
  • Roaming Quick Start Guide
  • Roaming Setup
  • Roaming Reports
• Integration with Cloud services
  • AWS WAFv2 Cloud (recommended)
  • AWS WAF-Classic Automated configuration or Manual configuration
  • AWS WAFv2 Automated configuration or Manual configuration
  • AWS WAF Managed Rules
• TSCM (ThreatSTOP Centralized Manager)
  • TSCM Backup & Restore
  • TSCM requirements and installation
  • CLI Reference
• REST API
  • Version 4 reference
• SIEM Integration
  • ThreatList SIEM Integration and Data Enrichment
  • STIX/TAXII services