Dynamic Defense

Navigation: Policy > Apps

To begin blocking or allowing access to content based on Apps, navigate to the body of the Apps Security Module shown above.

Once here, search for the specific App which you would like to block or allow access.

For each App you will be making two block or allow decisions, one "Outbound" (Traffic coming from your network to the Internet) and the second "Inbound" (Traffic Coming from the Internet to your Network). The Green Check = Allow and the Red Minus = Block.

Please be aware, the Dynamic Defense Service has a default rule that is applied to any application not specifically managed in the App home page. Your default rule is displayed at the top of the App home page.

If the app you are looking for does not appear in your inventory, select "Add" on the right side of the page and search for the app you need to add.

Example:

Let's assume you would like to allow Gmail app traffic both outbound from your network and inbound from the internet, but it is not located in your inventory. 

You would:

1. Click "Add" on the right side of the page
2. Search for "Gmail"
3. Check the box next to "Gmail"
4. Click "Add"

Below is what you would see after adding Gmail.

If any dependent apps are needed when adding your selected app, the dependent app will also be added to your Apps page inventory. In this example, "Google-Base" was added when selecting "Gmail" along with a few other necessary apps.

In the above example, the default app policy is set to Block inbound and outbound, so the recently added app is automatically added with toggles set to Allow for both inbound and outbound traffic.

After the block and allow decisions have been decided for each App in your policy change, you can now proceed to Step 3.

Propagating configuration changes throughout the AT&T Dynamic Defense portal is a simple process.

Step 3a:

Making policy changes (e.g. adding, editing, or deleting policy rules) will be represented in a draft state shown on the right-hand side of the screen when the first policy edit is made. A draft will not be made active until you complete the remaining steps.

Step 3b:

When ready to apply your new policy, move your mouse over the "Draft" button and click "Apply Policy" to activate the draft state. Activating the changes effectively pushes the configuration changes to the network embedded security to be applied across your AT&T Dedicated Internet connection.

A prompt will appear asking if you are sure you want to continue. Here you can add any notes about the new policy and then select "Continue" to activate the policy.

Step 3c:

After applying the policy, the Draft state will then convert into a Pending state as the policy is pushed over the network to be updated within the AT&T Dynamic Defense Service.

Step 3d:

Once the policy is successfully updated within the AT&T Dynamic Defense Service the status will then be updated to an active state and a new notification will be populated to show success.