Intelligent External Dynamic Lists

The solution offers intelligent data management, including automatic data removal in case a specific object is no longer being reported as malicious. It provides high speed data lookup techniques, which bring the database query speed level to avoid API requests that are slow for high volume lookups in real-time.

How does it work?

Data Feeds Scheme

Synapsa Data Feeds contain publishers that feed all specific data using External Dynamic Lists (EDL) into Palo Alto, Fortinet and Checkpoint firewalls in their native format. All firewalls are able to process it without any modification in real-time. It's able to use predefined or custom-defined data feeds based on the threat logs from your network infrastructure, which can be easily shared within all the branches, supply-chain partners or other 3rd parties.

Configurable lifetime

Every data feed has a configurable lifetime for items which were automatically added into the list. The malicious IP address will automatically disappear from the list when there are no more events reporting the specific IoC. The process of adding and removing items into your custom EDL is fully automatic with no need of admin interaction.

Intelligent ACL

Synapsa Data Feeds are not only the basic lists, you have full control over it. You can specify an overlay ACL which allows you to control what items can or cannot be part of the list. Typical example is to prevent critical IPs like gateways, controllers, critical application to be a part of the list

Main features

IP Address List

Synapsa Data Feeds Address Lists

Out of the box IP feeds based on any parameters such as AS Number, ISP, Ripe Maintainer and many others, which allows the use of IP ranges of ISPs, Content Delivery Networks, Cloud providers and other sources directly into your firewall or proxy objects.

IP Data Feeds examples

  • Microsoft 365, Azure, AWS, GCP
  • Any MISP galaxy, attacker kits, ransomware group ranges, botnets
  • TOR exit nodes
  • Known SPAM senders
  • Malicious IPs reported by own security tools
  • Any ISP, CDN from ripe.net, based on AS number, MAINT etc..
  • Any 3rd party list gathered from external source

Domain Address List

Synapsa Data Feeds Address Lists predefined

Out of the box Domain lists which are being gathered from any available sources and transformed into External Dynamic Lists by Synapsa.

Domain Data Feeds examples

  • Compromised domains reported by CTI
  • Newly registered domains with no reputation, parked domains
  • Own domain list for policy based forwarding
  • Testing, staging domains

URL Address List

Synapsa Data Feeds URL Lists

Out of the box URL feeds usually gathered from external sources such as Cyber Threat Intelligence.

URL Data Feeds examples

  • Phishing links
  • Windows update servers
  • Known malware hosting links
  • Cloud infrastructure links
  • API gateway urls

Custom Feed

Synapsa Data Feeds Address Lists connection

Gather data from anywhere using our out-of-the-box connection features.

Custom Feeds examples

  • Data from RIPE
  • Data from MISP Galaxies
  • Active Directory objects
  • Hash Table data
  • any other custom list

Would you like to discover more?

Synapsa Data Feeds - Built in integrations

The list is never final. We are constantly developing new integrations.
Office 365
  • Dynamic IPv4 and IPv6 address list as Data Feed for Microsoft Office 365 services
  • Use external dynamic lists (EDL) to security policy enforcement
  • Easy way to automate Office365 content and data delivery network
RIPE NCC
  • Get any data as Data Feed from Ripe Coordination Centre
  • Use external dynamic lists (EDL) based on AS numbers and maintainer
  • Easy way to automate security policy and leverage AS number criterium
  • Allow your VPN users to only connect from trusted and preferred ISPs
Amazon Web Services
  • Dynamic IPv4 and IPv6 address list as Data Feed for Amazon Web Services
  • Use external dynamic lists (EDL) to security and configuration policy enforcement
  • Easy way to automate AWS content and data delivery network
PhishTank
  • Hourly renewed Data Feed of suspicious phishing URLs
  • Use external dynamic lists (EDL) to security policy enforcement
  • Easy way to automate defense security against known phishing sources
BigData Cloud - Data Feeds
  • Hourly renewed Data Feed of TOR exit nodes
  • Feeding firewalls using External Dynamic Lists (EDL)
  • Look up if the IP if a part of TOR network during the investigation

This website use cookies and analytical data. In case you agree with that please click on the "I agree" button bellow. Details can be found on a page Information for the processing of personal data.