Skip to main content
Altostrat SDX centralizes the controls that are usually scattered across routers, scripts, spreadsheets, and security tools. You define security intent in the portal, attach it to the right sites, and use monitoring, reports, and audit logs to verify what changed. Security in SDX is layered. DNS policies influence where users can browse. Security Essentials policies block known-risk network destinations. Security groups shape allowed traffic. Vulnerability schedules identify exposed CVEs. Audit logs help you investigate who changed what.

Choose the Right Control

Use each security feature for a different part of your operating model.

DNS Content Filtering

Apply category, SafeSearch, domain allow-list, and domain block-list policies to sites.

Security Essentials

Attach continuously updated threat mitigation lists to reduce exposure to known-risk networks.

Security Groups

Build reusable firewall policies with ordered rules, common services, custom ports, CIDRs, and prefix lists.

Vulnerability Scanning

Schedule CVE scans, review affected hosts, and track remediation status across sites.

Audit Logs

Search workspace activity when you need to understand a change, investigate access, or support compliance review.

Operating Pattern

  1. Start with broad site segmentation using teams, tags, and security groups.
  2. Add DNS content policies for user-facing environments.
  3. Attach Security Essentials policies where internet egress needs threat mitigation.
  4. Schedule vulnerability scans for networks with devices you are responsible for maintaining.
  5. Review audit logs and monitoring data before and after high-risk changes.
Use tags from Metadata and Tags to keep security assignments scalable. A tag-driven operating model is easier to maintain than one-off policy exceptions per site.