From the Cortex XDR or XSIAM tenant, you can configure the action that Cortex XDR agents on iOS devices take for known malicious URLs and spam numbers. You can also configure granular control and monitoring of network traffic.
You can use Malware prevention profiles to configure the actions that Cortex XDR agents take when they detect known malicious URLs or spam numbers. You can also configure granular control and monitoring of network traffic.
By default, the Cortex XDR agent will receive the default profile that contains a predefined configuration for each malware protection capability supported by the platform.
Configure a malware prevention profile
Configure a malware prevention profile on the Cortex XDR or XSIAM tenant.
Assign the profile to a prevention policy rule
Select
→ → → .Do one of the following:
To create a new policy or import a policy, click +Add Policy and select whether to Create New or Import from File. Enter a meaningful Policy Name and Description.
Edit an existing policy rule.
Note
New imported policies are added, not replaced.
For Platform, select iOS, and then for Malware, select the profile that you created.
Click Next.
Select the iOS devices to which you want to assign the policy.
Click Done.