Threat Brain is a cloud-native, AI-powered security platform that provides organisations with real-time protection and visibility over data entering and leaving their networks. By assessing IP reputations and analysing network activity, it helps identify and block potential threats before they impact your systems. When integrated with GoAnywhere Managed File Transfer, Threat Brain adds an extra layer of security, giving you confidence that sensitive data is monitored and safeguarded at every stage of transfer.
In this video, Dave Hendley, Head of Technical at Pro2col, walks you through the how to configure GoAnywhere to integrate with Fortra Threat Brain. You’ll see step-by-step how to enable Threat Brain, configure sensitivity settings, and ensure your IP blocking policies are working effectively.
For more tips, product insights, or help with your Managed File Transfer setup, reach out to our team at Pro2col, we’re here to help.
VIDEO TRANSCRIPT
Hi, I'm Dave Hendley, Head of Technical here at Pro2col, and today we're going to run through the configuration options available to you within GoAnywhere for integration with Fortra Threat Brain.
Threat Brain is a cloud-native, AI-powered security platform that provides protection and visibility of data entry and egress points across your network. It integrates seamlessly with their GoAnywhere MFT application, as well as other Fortra products, but today we'll just be focusing on GoAnywhere. The options have been available since version 7.7 of GoAnywhere, but let's get logged into one of our environments here.
You will need to be provided with the security officer role to gain access to the Threat Brain settings. Once logged in, you can access the settings through System, Threat Brain settings. When you reach the page, you'll need to tick the box to enable Threat Brain. You'll then need to enter your client ID and client secret, which should have been provided to you at point of purchase.
You now just need to configure your sensitivity options, which are simply done with a sliding bar, with the low sensitivity being displayed as red, and the high sensitivity being displayed as green. This determines how strict you would like the IP address blocking to be, with the reputation of an IP address being determined by several factors, including Fortra's own reputational metrics. I prefer to select the precise values option as it will allow you to set the reputational value you would like Threat Brain to block at.
It is worth noting that Threat Brain will block IPs with a reputation up to and including the value you set it to. So, in this instance, it will block all IPs with a reputation of negative 0.4 and below.
Once everything has been entered, save the settings to apply the new configuration. In order to utilise Threat Brain, the automatic IP block list within GoAnywhere must be enabled. This will also show any IP addresses that have been blocked by Threat Brain. Additionally, if Threat Brain blocks an IP address, it will display this in the remarks column of the HTTPS log found under Reporting, Audit Logs.
And that's everything. Configuring Threat Brain integration with GoAnywhere is extremely simple and should be considered by any company looking to gain further visibility and protection of connections in and out of the MFT platform.
If you require any further information regarding MFT products or Threat Brain, please do not hesitate to contact us here at Pro2col.
Compare MFT Solutions
Further Reading: