Blocklist Management

GuardMode Agent comes with a list of known ransomware-related file name and file extension patterns. Blocklists should be periodically updated to respond to most recent ransomware campaigns and exclude false positives.

Blocklist Management in DPX

Blocklist updates on Security Nodes are managed by DPX Master Server. This feature is disabled by default. You can enable automatic blocklist updates, change blocklist source and specify update interval. To configure automatic blocklist updates in DPX Master Server, see Configuring DPX for Automatic Blocklist Updates.

Blocklist Management in vStor

Blocklists for vStor-bundled GuardMode Agent used for backup scans are updated daily at 3 AM from a fixed source. These settings cannot be changed.

Tip. For offline environments, you can save your custom blocklist.json file in the /opt/catalogic/guard-mode/agent/ directory. Note: the file will be overwritten the next time your vStor has Internet access during the update window (3 AM). To avoid this, ensure your vStor is disconnected from the Internet at all times.

PreviousAltering Audit Rules NextConfiguring DPX for Automatic Blocklist Updates

Last updated 2 months ago