Class: Aws::Route53Resolver::Types::DnsThreatProtectionRuleTypeConfig

Inherits:

Struct

Object
Struct
Aws::Route53Resolver::Types::DnsThreatProtectionRuleTypeConfig

show all

Includes:: Structure

Defined in:: lib/aws-sdk-route53resolver/types.rb

Overview

The configuration for a DNS threat protection rule type within the rule type framework.

Constant Summary collapse

SENSITIVE =

[]

Instance Attribute Summary collapse

#confidence_threshold ⇒ String

The confidence threshold for DNS Firewall Advanced.
#value ⇒ String

The type of DNS threat protection.

Instance Attribute Details

#confidence_threshold ⇒ `String`

The confidence threshold for DNS Firewall Advanced. You must provide this value when you create or update a DNS Firewall Advanced rule. The confidence level values mean:

‘LOW`: Provides the highest detection rate for threats, but also increases false positives.
‘MEDIUM`: Provides a balance between detecting threats and false positives.
‘HIGH`: Detects only the most well corroborated threats with a low rate of false positives.

Returns:

(String)

# File 'lib/aws-sdk-route53resolver/types.rb', line 1739

class DnsThreatProtectionRuleTypeConfig < Struct.new(
  :value,
  :confidence_threshold)
  SENSITIVE = []
  include Aws::Structure
end

#value ⇒ `String`

The type of DNS threat protection. Valid values are:

‘DGA`: Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains to launch malware attacks.
‘DNS_TUNNELING`: DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without making a network connection to the client.
‘DICT_DGA`: Dictionary-based domain generation algorithms detection. Dictionary DGAs use wordlists to generate domains that appear more legitimate, making them harder to detect than traditional DGAs.