I wonder if the current McAfee Web Gateway procy application does have the daily updated list of suspicious IP addresses ?
For example, I'm a subscriber of https://www.recordedfuture.com/cyber-threat-intelligence list which sends me daily known / dangerous IP addresses like:
Hits: 23 | First seen in Recorded Future on 27 Oct 2014 22:17:57
Hits: 23 | First seen in Recorded Future on 03 Sep 2015 20:56:36
Hits: 22 | First seen in Recorded Future on 27 Oct 2014 22:48:33
Hits: 21 | First seen in Recorded Future on 03 Aug 2016 10:40:59
Hits: 20 | First seen in Recorded Future on 18 Aug 2016 14:29:18
Note: I'm using The hardware appliance MWG version 18.104.22.168.0 (20828), so not sure if there is a feature like that ?
Any help and suggestion would be greatly appreciated.
Naturally MWG uses its GTI integration feature for IP reputation. See Check Single URL
Hope it helps.
IP-Reputation is updated in regulary intervals. You can change the scheduling value. Additional, if there is not entry in the local URL Filter Database (IP Reputation is included in the URL Filter database) MWG does a GTI lookup in Real Time.
You can configure forward and backward DNS lookup (and other stuff) in the URL Filter settings.
Finally, yes, IP Reputation is updated in regular intervals and also in real time.
Hope this helps,