ThreatBlockr Anywhere Server
ThreatBlockr | ThreatBlockr Anywhere Server r154Linux/Unix, Ubuntu 22.04 LTS - 64-bit Amazon Machine Image (AMI)
Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
ThreatBlockr is the best bump-in-the-wire IP/URL reputation security appliance I've ever used!
What do you like best about the product?
The ability to ingest, aggregate, and take action based on different threat reputation and open-source feeds using STIX/TAXII and web .txt URLs.
This is something only a combination of SIEM/SOAR/UTM/TIP solutions could do.
Often this combination focuses on enrichment and IOC hunting, but it was difficult to ever take this information and compile it into a meaningful reputation block list that an NGFW could then ingest and take action with.
This is something only a combination of SIEM/SOAR/UTM/TIP solutions could do.
Often this combination focuses on enrichment and IOC hunting, but it was difficult to ever take this information and compile it into a meaningful reputation block list that an NGFW could then ingest and take action with.
What do you dislike about the product?
Centralized logging of the different appliances' web activities such as their blocking behavior requires a SIEM or centralized Syslog server.
It doesn't allow for centralized searching of these logs via the SaaS portal.
It doesn't allow for centralized searching of these logs via the SaaS portal.
What problems is the product solving and how is that benefiting you?
Solved holes in NGFW reputation-based blocks and is easier to administrate and troubleshoot activity than most NGFWs.
Allowed us to pull in different paid and open-source STIX/TAXII and URL-based reputation sources and create our own block lists which is much more complex and difficult to achieve when combining SIEM/SOAR/UTM/TIP/NGFW technology stacks.
Geo-Blocking is probably the best on the market and we prefer it heavily over similar NGFW functionality.
If you have worked with some of the leading Cloud WAF Geo-Blocking rulesets and policies; ThreatBlockr is their on-prem equivalent in ease of implementation, effectiveness, and administration.
Allowed us to pull in different paid and open-source STIX/TAXII and URL-based reputation sources and create our own block lists which is much more complex and difficult to achieve when combining SIEM/SOAR/UTM/TIP/NGFW technology stacks.
Geo-Blocking is probably the best on the market and we prefer it heavily over similar NGFW functionality.
If you have worked with some of the leading Cloud WAF Geo-Blocking rulesets and policies; ThreatBlockr is their on-prem equivalent in ease of implementation, effectiveness, and administration.
- Leave a Comment |
- Mark review as helpful
The protection works well and the support team is great.
What do you like best about the product?
I appreciate the additional email alerts to make sure our Bandura device is fully patched, and the other emails showing the protection stats.
What do you dislike about the product?
I don't have a specific item to dislike.
What problems is the product solving and how is that benefiting you?
It provides the additional layer of protection we desired in our infrastructure, along with consistently updating its known threats. We do utilize the country blocks too.
Extremely Simple & Effective Network Protection
What do you like best about the product?
The appliances are effortless to deploy, configure, and maintain. We can quickly look up log data on each device individually when we suspect something may be getting blocked. Their reports clearly illustrate the importance of the service to leadership. Using ThreatBlockr appliances between our UTMs and our WAN connections have allowed us to offload much of the load that our UTMs would have needed to process if they were connected directly to the Internet.
What do you dislike about the product?
Sometimes, the threat lists block shared webserver IPs, resulting in false positive blocking of legitimate websites. Because of where we position the appliances in our topology, I can't easily see what specific hosts on our internal network are trying to access so we often have to compare ThreatBlockr logs to UTM logs to get the full picture.
What problems is the product solving and how is that benefiting you?
Adding a very effective 1st layer of defense to our network helps ensure that malicious traffic (both inbound and potentially outbound) is blocked efficiently based on crowdsourced lists.
Threatblockr Is A Game-Changer In The Cybersecurity Field!
What do you like best about the product?
We've been using Threatblockr for over five years, which has met all our cybersecurity needs. We are incredibly pleased with its performance. The software is easy to use and navigate. It has proven to be very effective in protecting our devices and personal information from potential threats by blocking all non-domestic traffic and all the threat lists we subscribe to. One of the features I appreciate the most is the real-time blocking and the ability to view the logs in real-time. The customer support team has also been very helpful in answering any questions we have had. I highly recommend Threatblockr to anyone looking for reliable and user-friendly cybersecurity solutions to simply block malicious traffic.
What do you dislike about the product?
A few things that I would recommend is to be able to drill down in more detail on the specific traffic that is being allowed and blocked. It would be nice to have a more interactive dashboard to try and see what IPs are doing with particular features (i.e., Blocked by Reason, Blocked by Category, Blocked by Country, and Blocked by ASN). It would be beneficial to look into this data to identify the traffic without looking at the exported logs.
What problems is the product solving and how is that benefiting you?
The problems that ThreatBlockr is solving is by blocking all non-domestic traffic that we, as our domestic bank, does not do business with, and with any threat lists that is out there that are indeed malicious to avoid traffic to our network devices (i.e., firewalls, web filtering)
Outstanding gatekeeper for our castle
What do you like best about the product?
ThreatBlockr sits in front of our primary control points to scrape off off the known junk, thereby reducing the load on our remaining control points.
What do you dislike about the product?
We have not found any downsides to using ThreatBlockr
What problems is the product solving and how is that benefiting you?
ThreatBlockr helps filter out the known junk traffic, thereby making our other control points much more efficient.
ThreatBlockr has greatly reduced our public attack surface
What do you like best about the product?
Ease of use, provided dynamic threat lists are constantly updated, simple geo blocking. We 've done extensive geo blocking and malicious traffic at our edge probably dropped by 90%
What do you dislike about the product?
Sometimes the threat lists can be overzealous blocking legitimate IPs. Would like to see improved handling of domain allow/block lists. It's a multi-step process to do a DNS lookup on a domain then add the IPs to a block/allow list.
What problems is the product solving and how is that benefiting you?
ThreatBlockr has greatly reduced the malicious traffic to our network edge. It filters out a lot of noise and makes monitoring for threats easier.
ThreatBlockr Works
What do you like best about the product?
ThreatBlockr works without maintenance; blacklists are updated automatically. ThreatBlockr support is very responsive.
What do you dislike about the product?
I dont have anything that i dont like about ThreatBlockr
What problems is the product solving and how is that benefiting you?
ThreatBlockr keeps our network safe my denying bad guys from even seeing our network
One of the best appliances you never knew you needed!
What do you like best about the product?
We've had a ThreatBlockr device ever since I arrived at my organization almost 7 years ago. It was brought in by my now senior manager and I would never deploy another site without one.
This appliance allows such an easy way to do geoblocking, it is incredible, point, click, save. Need to see if the country is blocked? No problem just type it in.
Allows me with pinpoint accuracy to adjust what I want in and out of my network before it even gets to my firewall with simple sliders. I get full control over how much risk I want to take with which ASNs. Need to allow some ASN traffic but want to make sure a slight deviation in the threat score blocks it? No problem, you adjust the slider from 0 to 100 or -100.
Solid insights on threat levels of malicious IPs/Websites.
Whitelist/Blacklisting lists are super simple to use.
Plus ThreatBlockr has a ton of out-of-the-box content lists you can link to.
I've also dabbled in having a dynamic list linked to a Google doc that I can update an IP or Website I want blocked into the Google doc and it transverses to the policy seamlessly.
With the GMC portal I can get single pane of glass review of both my devices across both our ISPs in front of our HA'd firewalls.
Support is top-notch as well, which is great, but I've rarely had to use it.
Updating is a breeze!
This appliance allows such an easy way to do geoblocking, it is incredible, point, click, save. Need to see if the country is blocked? No problem just type it in.
Allows me with pinpoint accuracy to adjust what I want in and out of my network before it even gets to my firewall with simple sliders. I get full control over how much risk I want to take with which ASNs. Need to allow some ASN traffic but want to make sure a slight deviation in the threat score blocks it? No problem, you adjust the slider from 0 to 100 or -100.
Solid insights on threat levels of malicious IPs/Websites.
Whitelist/Blacklisting lists are super simple to use.
Plus ThreatBlockr has a ton of out-of-the-box content lists you can link to.
I've also dabbled in having a dynamic list linked to a Google doc that I can update an IP or Website I want blocked into the Google doc and it transverses to the policy seamlessly.
With the GMC portal I can get single pane of glass review of both my devices across both our ISPs in front of our HA'd firewalls.
Support is top-notch as well, which is great, but I've rarely had to use it.
Updating is a breeze!
What do you dislike about the product?
My biggest gripe is when the Threatblockr is restricting a site, there is no splash page like OpenDNS/Umbrella. Also if Im Geoblocking a certain country and the website is coming from there and I run a search inside the GMC, it won't tell me if it is in a blocked country or not, kind of slows me down.
Otherwise the interface is rock solid.
Otherwise the interface is rock solid.
What problems is the product solving and how is that benefiting you?
Geoblocking is such a great 1st line defense. Then the ASN sliders so I can adjust things as I see fit, not how the vendor does or would that I see with other products. Its the perfect appliance for the practicing of defense in depth and Zero Trust.
ThreatBlockr Just Works
What do you like best about the product?
Adding sites to our allow list is simple, taking only a minute or so, and the change takes effect immediately.
What do you dislike about the product?
I would love to be able to add sites by domain name, rather than IP address, if I had to find a complaint.
What problems is the product solving and how is that benefiting you?
We have staff located globally, so any extra layer of security that we can implement, especially ones that may prevent a ransomware infection, are extremly valuable.
ThreatBlockr is an extensible and easy to manage shun solution
What do you like best about the product?
ThreatBlockr supports integration with open source IP and domain block lists, but also supports premium feeds. This allows us to leverage integrations with other soltuions we are already using for other purposes.
What do you dislike about the product?
The blocking is IP based. For today's Internet, where a single IP my host 500 websites, or where CDNs means that IPs can change in an instant, this is a big weakness. But, due to how the technology works and how it fits into the network, it may be something that can never be "fixed".
What problems is the product solving and how is that benefiting you?
A shun device sits at the edge of the network, outside the firewall. It should be efficient and fast. It should introduce minimal latency and barely be a "bump in the wire". ThreatBlockr blocks thousands fo threats a day with few false positives. It keeps traffic from ever reaching our firewall which increases its efficency. It is a vital part of our layered defenses.
showing 1 - 10