Creating Shield Lists
For customizing Threat Detection and Smart Access, Box Shield enables you to create Shield lists, which are lists of locations, domains, applications, host IP addresses, or email addresses that you can later either include in or exclude from your threat detection rules.
Shield List Limits
The following table describes the limits in Shield lists.
Item | Limit |
---|---|
IP addresses | 100,000 |
Locations | 100,000 |
Domains | 100,000 |
Applications | The same # of applications an enterprise can integrate with Box. |
Email addresses | 100,000 |
To create a list of locations:
The locations that can be used in Shield location lists are countries.
- In the Admin Console's left pane, click Shield.
- In the top of the Shield window, click Lists.
- In the top-right corner of the list window, click Create Shield List and select Locations.
- In Shield List Name, type a name for your Shield list.
- In Description, type a summary of the list's purpose.
- Click Add Countries.
- Type a comma-separated list of country names. As you type, Box displays names of countries you can select.
- In the top-right corner of the window, click Next.
- Click Create List. You may need to refresh the window to see the updated lists.
To create a list of domains:
- In the Admin Console's left pane, click Shield.
- In the top of the Shield window, click Lists.
- In the top-right corner of the list window, click Create Shield List and select Domains.
- In Shield List Name, type a name for your Shield list.
- In Description, type a summary of the list's purpose.
- In Enter Domains, type a comma-separated list of domains.
- In the top-right corner of the window, click Next.
- Click Create List. You may need to refresh the window to see the updated lists.
To create a list of applications:
- In the Admin Console's left pane, click Shield.
- In the top of the Shield window, click Lists.
- In the top-right corner of the list window, click Create Shield List and select Applications.
- In Shield List Name, type a name for your Shield list.
- In Description, type a summary of the list's purpose.
- In Enter Applications, type the name of an application. As you type, Box displays the list of applications currently available to your account. Select an application.
- In the top-right corner of the window, click Next.
- Click Create List. You may need to refresh the window to see the updated lists.
To create a list of host IP Addresses:
- In the Admin Console's left pane, click Shield.
- In the top of the Shield window, click Lists.
- In the top-right corner of the list window, click Create Shield List and select Host IP Addresses.
- In Shield List Name, type a name for your Shield list.
- In Description, type a summary of the list's purpose.
- In Enter IP Address/CIDR Blocks (IPv4), type a comma-separated list of host IP addresses.
- In the top-right corner of the window, click Next.
- Click Create List. You may need to refresh the window to see the updated lists.
To create a list of email addresses:
- In the Admin Console's left pane, click Shield.
- In the top of the Shield window, click Lists.
- In the top-right corner of the list window, click Create Shield List and select Email Addresses.
- In Shield List Name, enter a descriptive a name for your Shield list.
- In Description, enter a summary of the list's purpose.
- In Enter Email Addresses, enter one or more valid email addresses, separated by either commas or new lines.
- In the top-right corner of the window, click Next.
- Click Create List. You may need to refresh the window to see the updated lists.
Note
You can also use your Shield lists as an allowlist or denylist when defining detection rules in Threat Detection or restrictions in Smart Access, as shown in the following table:
List Type | Usage |
---|---|
Locations | Detection rules: Suspicious location |
Domains | Access policies: External collaboration restriction |
Applications |
Access policies: Application restriction |
IP addresses | Detection rules: Suspicious location |
Email addresses | Access policies: External collaboration restriction |
Modifying a list
To modify a list:
- In the Admin Console's left pane, click Shield.
- In the top of the Shield window, click Lists.
- Click a list's name.
- In the top-right corner of the window, click Edit.
- After editing the list, in the top-right corner of the window click Save.
Deleting a list
To delete a list:
- In the Admin Console's left pane, click Shield.
- In the top of the Shield window, click Lists.
- Click a list's name.
- In the top-right corner of the window click Delete.