Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

PB#1064A: ThreatDV - Reputation Handling of CDN and CSP

    • Updated:
    • 9 Dec 2016
    • Product/Version:
    • TippingPoint ThreatDV
    • Platform:
Summary
ThreatDV - Reputation Handling of Content Delivery Networks (CDN) and Cloud Service Providers (CSP). UPDATE
Details
Public
Product Bulletin #: 1064A

Subject: ThreatDV - Reputation Handling of Content Delivery Networks (CDN) and Cloud Service Providers (CSP)

Date of Announcement: December 9, 2016

This bulletin is an update from Product Bulletin #1064, referencing a proposed solution for Reputation handling of CDN and CSP entries.

Today, we are releasing the initial enhancement to our ThreatDV Reputation product for whitelisting CSP and CDN entries in the Reputation product database. This is a temporary measure to eliminate the majority of network impact for customers experiencing issues blocking major CSP or CDN providers. Trend Micro TippingPoint has identified and removed the relevant entries for the following organizations delivering CSP or CDN services in its reputation feed and has taken action to ensure they are not added back in. Trend Micro TippingPoint will continue to monitor the feed for these and other relevant organizations:
 
Akamai Technologies, Inc.Highwinds Technologies
Amazon.com, Inc.International Business Machines Corporation
Networks Co., LTD.Microsoft Corporation
CloudFlare, Inc.Oracle Corporation
Facebook, Inc.Rackspace US, Inc.
FDCservers.netSucuri, Inc.
FOXCLOUD LLPVerizon Trademark Services LLC
Google Inc. 

Our whitelisting process runs 24x7x365 and consists of reverse lookups and WHOIS queries to determine the organization associated with an IP address. We then correlate the domain to the above list of CSP or CDNs and add the entry to the Reputation whitelist. This effectively removes the offending IP address from the package generated for our customers. This initial enhancement will remove all mapped CSP or CDN entries. Due to the amount of time it takes to query all new IP addresses across all reputation feeds, the CSP or CDN entry may or may not be removed from each new package. However, it should be removed with the release of a subsequent package which could take up to twenty-four hours.

We are actively working to decrease the amount of time it takes to remove CSP or CDN entries. In a future release we aim to add the CSP or CDN tags to the Reputation package for each of these entries, allowing customers to create and apply policy for both CSP and CDN defined IP addresses. Additional information related to this release will be made available as we near delivery of the finished product.

If you have concerns or further questions regarding this issue, contact the Trend Micro TippingPoint Technical Assistance Center (TAC).


Thank you,
Trend Micro™ TippingPoint

For updated contact information, please click here.

 
© Copyright 2018 Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro logo, TippingPoint, the TippingPoint logo, and Digital Vaccine are trademarks or registered trademarks of Trend Micro Incorporated. TippingPoint Reg. U.S. Pat. & Tm. Off. The information is provided "as is" without warranty of any kind and is subject to change without notice. The only warranties for Trend Micro products and services are set forth in the express warranty statements accompanying such products and services. nothing herein should be construed as constituting an additional warranty. Trend Micro shall not be liable for technical or editorial errors or omissions contained herein.
Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
TP000118084
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.