Home » Help » Browser Security configurations to prevent threats

Threat Prevention Browser Configurations

Table of contents

Configuring Threat Prevention

Threat Prevention safeguards users from accessing malicious websites, including phishing sites, malware sites, and sites that distribute malware. By configuring this policy, administrators can effectively protect users from a range of online threats, such as script execution vulnerabilities. This document will explain how to create the policy and about each configuration provided by Endpoint Central.

Kindly follow the steps given below to successfully create and deploy Threat Prevention policy:

  1. Open Endpoint Central console and navigate to Browsers -> Policies -> Threat Prevention.
  2. Click Create Policy and select the OS platform.
  3. Give a name for the policy.
  4. Refer below to know more about each of the Threat Prevention settings.
  5. Click Save to save the policy as a draft. Click Save & Publish to save the policy.
  6. Associate the policy to computers/groups of computers in which you want the isolation of web-applications to take place.

    7. Threat Prevention

Settings under Threat Prevention

This document will explain each configuration for Threat Prevention provided by Endpoint Central and the browsers it is applicable for.

Configuration Description Supported Browsers Supported Platforms
Phishing Filter Enabling this setting, protect browser against malware, abusive sites, Insecure extensions, phishing, malicious, and social engineering attacks. Chrome, Edge, Firefox, Ulaa & Chromium Browsers Windows, Mac
File Downloads Enable - Enable all File Downloads
Disable - Disable all File Downloads
Restrict Malicious File Downloads - Allow downloads but blocks malware and phishing downloads		 Chrome, Edge, Ulaa & Chromium Browsers Windows, Mac
Over-ride certificate errors Restricting this setting prevents the user from bypassing certificate errors and visiting potentially unsafe websites. Chrome, Edge, Firefox, Ulaa, Chromium Browsers Windows, Mac
Verification of certificate with revocation list Internet Explorer's certificate revocation list verifies certificates against a list of revoked ones, enhancing security by preventing usage of compromised certificates. Internet Explorer Windows
Zone Elevation Protection This policy enables Zone Elevation Protection which ensures that content from a lower security zone cannot execute scripts in a higher security zone. Internet Explorer Windows
Browser Helper Object This policy disables third-party Browser Helper Objects, which can be used to extend browser capabilities, but can also be used maliciously. Internet Explorer Windows
Flash Restriction Restrict Flash plugins and content. Flash is deprecated and known for its security vulnerabilities. Edge, Internet Explorer Windows
IE Plugin Protection Prevents installation of unsigned ActiveX controls or plugins, allowing only verified signed plugins. Internet Explorer Windows
Run scripts on webpages This policy disables the execution of scripts on websites, preventing potentially harmful script-based attacks. Internet Explorer Windows
Unsigned IE plugins Prevents installation of unsigned Internet Explorer plugins or add-ons, enforcing only digitally signed add-ons. Internet Explorer Windows
Block websites with excessive ads Automatically block websites that display intrusive or excessive ads. Chrome, Edge, Chromium Browsers Windows, Mac
Block third party websites that inject code Blocks untrusted third-party websites that attempt to inject unauthorized scripts or modify content on the webpage. Chrome, Chromium Browsers Windows, Mac
Back to Top