The cognitix Threat Defender version 20180201.0 provides various new features and improvements to the layer 2 firewall.


For further information on the cognitix Threat Defender, visit cognitix.de/threat-defender or contact us at support@cognitix.de.



New Features

  • Integration of Indicators of Compromise (IoC)
    The Threat Defender now integrates Threat Intelligence feeds with Indicators of Compromise. They allow you to monitor information from these feeds in the reporting dashboards and to create firewall rules to specify reactions, such as blocking or logging.

  • Reporting contains IP names
    The analytics dashboards now display resolved IP names where possible.

  • New DLP pattern types
    Using data leakage protection profiles, you can now scan filenames and file contents for hexadecimal patterns in addition to string patterns.

  • New features for network objects

    • Static network objects can now store MAC addresses in addition to IP addresses.

    • There is a new filter feature for network objects: You can now filter static and dynamic network objects by name. In addition, static network objects can be filtered by the IP addresses and/or MAC addresses they include or exclude.

  • Enhanced tracking
    Using event tracking tables, you can now track more data types: IPS IDs, MAC addresses, VLAN tags and domains.


Improvements

  • Updates of the Threat Defender are now faster.

  • When you create or edit rules, you can now access various settings screens (static network objects, schedules, etc.) from the rule screen.


Solved Issues

  • Custom URL categories may now contain non-ASCII characters.


Known Issues

  • When you install an update, any additionally available updates are removed from the updates list. However, they are displayed again as soon as the system carries out the next update check.