Skip to content

Sandstorm - zero-day (unknown and unpublished) threats - Web



Allows for the detection, blocking, and reporting of ransomware and zero-day threats.


  1. Go to PROTECT > Rules and policies > Firewall rules.
  2. Open or create your rule.
  3. Ensure that the following are selected in Security features > Web filtering:
    • Scan HTTP and decrypted HTTPS
    • Detect zero-day threats with Sandstorm
    • Decrypt HTTPS during web proxy filtering
  4. Click Save.
  5. Go to PROTECT > Web > General settings > Protection.
  6. Select Single engine (optimal performance) under Malware and content scanning.
  7. Click Apply.