Table of contents

Custom network configuration

This feature is part of a controlled release and is in Preview. Content on this page is subject to change.

Custom network configuration allows preview features like fail open for Firewall and Intrusion Prevention, to be enabled and configured by entering their plain text JSON parameters into the Cloud One Endpoint & Workload Security UI (Settings > Advanced > Advanced Network Engine Options).

Custom network configuration is in preview and only supports fail open at this time.

Add a custom network configuration

To add a custom network configuration:

  1. Go to Computer (or Policy) > Settings > Advanced > Advanced Network Engine Options.
  2. In Custom network configuration, enter your configuration parameters in JSON format.
  3. Click Save.

Your custom network configuration is added.

If the JSON configuration you enter is invalid, a message asks you to check your code and try again.

JSON parameter configuration examples

The default fail open parameters are shown below:

{
    "FailOpen" : {
        "SYS_CONF_UNLOAD_DRIVER": 1,
        "SYS_CONF_MIN_ACT_DURATION": 30,
        "SYS_THR_RUNQ": {"value":16},
        "SYS_THR_MAX_ITERATION_INVL": {"value":40}
    }
}

Custom network configuration is in preview and only supports fail open at this time.

Supported preview features can be added by including them in your custom network configuration JSON below the fail open feature (shown as PreviewFeature1 in the following example):

{
    "PreviewFeature1" : {
        "SYS_CONF_UNLOAD_DRIVER": 1,
        "SYS_CONF_MIN_ACT_DURATION": 30,
        "SYS_THR_RUNQ": {"value":16},
        "SYS_THR_MAX_ITERATION_INVL": {"value":40}
    },
    "PreviewFeature2" : {
        "PreviewFeature2_parameter1": 1,
        "PreviewFeature2_parameter2": 2,
        "PreviewFeature2_parameter3": 3,
        "PreviewFeature2_parameter4": 4
    }
}