• Wireless Network Manager
• Getting Started with Wireless Network Manager
  • About Wireless Network Manager
  • Using the Wireless Network Manager Interface
  • Using Wireless Network Manager Guide
• Overview
  • Dashboard
  • Alerts
  • Threats
  • Logs
  • Audit
• Using Air Marshal
  • RF Survey
    • Discovered Aps
    • Discover and Report Unassociated Wireless Clients
  • RF Spectrum
  • RF Monitor
  • Packet Capture
    • Wireless
    • Ethernet
  • Bluetooth LE
• Managing Your Network
  • Network Hierarchy
  • Network Topology
  • Zones
  • Devices
    • Managing Access Points
      • Managing the Configuration of Access Points
        • General
          • Bridge Mode
          • NAT Mode
        • Radio
        • SSL VPN
          • Activating SSL VPN
          • Editing SSL-VPN
      • Upgrading the Firmware for Specific Access Points
      • SonicWave Diagnostics
        • Testing Connectivity With Your Gateway or DNS Addresses
        • Testing Connectivity With Ping, Traceroute, or NSLookup
    • Viewing the Wireless Client Journey
    • Port Settings
    • Managing Switches
    • Managing Switch Clients
• Managing Policies
  • Policy Hierarchy
    • Select an AP Policy
      • General
      • System
      • Radio
      • Mesh Network
      • Bluetooth
      • • Certificate
        • Others
      • RRM (Radio Resource Management)
      • WIDP
      • 802.1X
      • Port Setting
      • ALG
      • SNMP
      • Syslog
    • Select a Switch Policy
      • General
      • System
        • Spanning Tree Protocol
        • Link Layer Discovery Protocol
        • Voice VLAN
        • Quality of Service (QoS)
        • Internet Group Management Protocol (IGMP) Snooping
        • Dynamic Host Configuration Protocol (DHCP) Snooping
        • Dynamic Host Configuration Protocol (DHCP) Relay
        • Loopback Detection
        • Jumbo Frames
        • Multicast Filtering
        • 802.1X
        • Static Route IPV4
        • DoS
        • Radius Server
        • Mirror Settings
        • Address Resolution Protocol
        • Static MAC Address Table
        • SNMP
      • Ports
        • Classic Switch Policy
          • General
          • VLAN
          • QoS
          • QoS Storm Control
          • Security
          • ACL
          • 802.1X
      • Port Policy
      • Link Aggregation
        • LACP
        • Group
        • Trunk Port Settings
        • VLAN
      • VLAN
        • General
        • Network
        • IGMP
    • Select an SSID
      • SSID Policies
        • Adding SSID Security Policies
        • Editing SSID Security Policies
      • General
        • Basic
        • Authentication
          • Disabling the Strict Rekey
        • Others
        • VLAN
        • Dynamic VLAN Support
      • Advanced
        • Band Selection
        • IEEE802.11R
        • IEEE 802.11K
        • IEEE802.11V
        • SSL-VPN Security Tunnel Access
        • DNS
        • Agile Multiband
      • Security Policies
      • Guest Portal
        • Sign-on Settings
          • Sign-on with One-Time Passwords
          • Configuring Twilio Billing for SMS
          • Sign-on with LDAP Server Authentication
          • Sign-on with Active Directory Server Authentication
          • Sign-on with RADIUS Server Authentication
          • Sign-on with SAML Authentication
          • Wireless Guest TOTP Authentication
        • Customized Splash Page
          • Use a Linked Image on the Customized Splash Page
          • Collect User Feedback from a Customized Splash Page
    • Select a Security Policy
      • CFS (Content Filtering Service)
        • General
        • Category
        • Enabling or Disabling Reputation
        • URI List
        • Customize Block Page
      • CATP (Capture Advanced Threat Protection)
        • General
        • File Types
        • Protocols
        • MD5 Exclusion List
        • Customize Block Page
      • CAV (Cloud Gateway Anti-Virus)
        • General
        • File Types
        • Protocols
        • MD5 Exclusion List
        • Customize Block Page
      • ACL
        • General
        • Authentication/Association MAC Filtering
        • ACL
        • Bandwidth Management
      • Geo-IP & Botnet
      • APP Control Security Policy
  • AP Policies
  • Using Tags to Manage Access Points and SSIDs
    • Using Tags to Manage Access Points
      • Adding Tags to an Access Point
      • Removing Tags Associated with an Access Point
      • Viewing Tags Associated with an Access Point
    • Using Tags to Manage SSIDs
      • Adding Tags to an SSID Group
      • Removing Tags from an SSID Group
      • Viewing Tags Associated with an SSID Group
  • QoS Policies
  • Wi-Fi Multimeda (WMM) Profiles
    • Creating Wi-Fi Multimeda (WMM) Policies
    • Enabling Wi-Fi Multimeda (WMM) Policies
  • Managing Switch Policies
    • Adding Switch Policies
    • Editing Switch Policies
  • Managing Switch Port Policies
    • Adding Switch Port Policies
      • General
      • VLAN
      • QoS
      • QoS Storm Control
      • Security
      • ACL
      • 802.1X
      • POE
    • Editing Switch Port Policies
  • Security Policies
    • Content Filtering Service
      • Creating Content Filtering Service Security Policies
      • Editing Content Filtering Service Categories
      • Adding Sites to the Allowlists and Blocklists
    • Customizing Blockpage
    • Applying a Security Policy to an SSID Group
    • Capture Advanced Threat Protection
      • Creating Capture Advanced Threat Protection Security Policies
      • Adding an MD5 Hash to the Exclusion List
    • Cloud Anti-Virus
    • Access Control Policies
      • Creating and Editing Access Control Policies
    • Geo-IP & Botnet
    • Application Control
  • Managing SNMP Policies
    • Setting the SNMP ID
    • Adding SNMP Policies
    • Editing SNMP Policies
    • Deleting SNMP Policies
    • Setting SNMP Policies
  • Managing Switch SNMP Policies
    • Adding Switch SNMP Policies
    • Editing Switch SNMP Policies
    • Applying Switch SNMP Policies
• Objects
  • Address Objects
    • Creating Mac Address Objects
    • Creating Address Object Groups
  • Service Objects
  • Matched Objects
  • QoS Objects
  • Schedule Objects
    • Scheduling VAP Security Policy
  • App Objects
  • VLAN Objects
• Admin
  • Reports
    • Generating Report Tasks
    • General Settings
  • Users
    • Configuring User Quota Control
  • Settings
    • General
      • Client Timezone
    • Firmware
    • Notification Center
      • Alert
      • Threat
      • Log
      • Email
      • SMS Event Notifications
  • Certificates
    • Batch Import
    • Import Certificates
  • Using the WiFi Planner
• SonicWall Support
  • About This Document

Creating Capture Advanced Threat Protection Security Policies

In order to take advantage of Capture Advanced Threat Protection (CATP or Capture ATP), create Capture ATP security policies as described below and select the categories of files you want to block. Once you have created a policy, apply it to an SSID group as explained in Applying a Security Policy to an SSID Group.

To create a Capture ATP security policy

1. Navigate to Security > Security Policies.
2. Click Add + to add a new security policy. The Add New Security Policy page displays.
3. Enter the name of the policy.

4. From the Policy Type list, select CATP Security Policy.

   

5. Click Next. The Advanced page displays.

6. In the General section, click Enable to enable the Capture ATP policy you have selected. Unselect it to disable the policy.
7. Choose the Schedule from the drop-down list.

8. Click the Block Until Verdict to enable to decide whether questionable files should be allowed to pass.

   If you are not concerned about their safety, you can allow them. If you do not want to take the chance of their being dangerous, select Block Until Verdict.

9. Optionally, you can set a Maximum File Size. The default maximum size is 10240 bytes. For SonicWave 231c/224w/231o models, the maximum size will reduce to 5120KB due to limited memory."

   The following table shows the maximum size supported on the models:

   Models	Maximum size
   SonicWave231c/231o/224w	5,120 KB
   SonicWave432i/432e/432o	10,240 KB
   SonicWave621	1,024 KB
   SonicWave641/681	10,240 KB

   
   

10. You can set the acceptable files types by checking any of the File Types boxes.
11. Select the Protocol(s) as required.
12. Specify the MD5 Exclusion List. For more information, refer to Adding an MD5 Hash to the Exclusion List.
13. Click Save to save your selections.

The policy is now listed on the Security > Security Policies page.