Hello!
I am new to instant on. I just have a few questions that I need current how to information on.
1) How do you view incidents/logs for important things such as pre attack/attack indicators like port scans or anomalous TCP?
2) How do you view/export connection history by IP address (not domain)?
3) How do you geoblock? For example common blocking of big 5, ITAR/sanction/designated high risk countries/countries that there isn't any legitimate reason they should be connecting for your deployment case?
4) How do you automatically sync or utilize IP reputation/known malicious IP databases/lists?
5) How do you upload or otherwise use a custom IP blocklist in .csv/.txt?
6) How do you implement a lockdown whitelist only domain/ip mode?
Basically all of these have been pretty widely available for over a decade so I'm just trying to understand how to get an instant on deployment up to that baseline.
Also I see that there is a new conversational AI tool so how is this best utilized to enhance security, efficiency, and performance?
------------------------------
Bob Smith
------------------------------