About this Documentation

This documentation describes cognitix Threat Defender (or Threat Defender for short) version 20201008.2.0.0. For an overview of the most significant changes in this version, see What’s new in this version?

This manual contains the following chapters:

  • This introductory section contains general information on how to use this manual and provides an overview of the Technical Concepts of Threat Defender used by Threat Defender.

  • The Installation and Setup section explains how to install and set up Threat Defender.

  • The Usage section illustrates the basic usage of Threat Defender as well as complex use cases.

  • The Interface Reference section describes the individual screens of the user interface and their elements.

  • The Appendix contains supplementary documentation.

If you want to read this documentation offline, you can open it as PDF .

Intended Audience

This manual is for network administrators and technicians who are responsible for installing and configuring Threat Defender as well as defining the network policy.

To be able to use this manual effectively, a solid background knowledge and experience regarding networking concepts is required.

For users new to Threat Defender, its central terms and concepts are explained under Technical Concepts of Threat Defender. They can also find step-by-step instructions to its most important features under Basic Usage.

Users already familiar with Threat Defender can find typical application examples under Advanced Usage.


The following typographic conventions and notations are used to represent information in this manual.

Elements of the graphical user interface are indicated as follows:

  • Buttons, checkboxes, list names and other GUI items appear in bold font.

  • List options and literal text appear in a fixed-width font.

  • A sequence of menu commands is indicated as follows: Policy > Network Objects > Static Network Objects. In this case, go to the Policy menu, select Network Objects and open the Static Network Objects tab.

    SNO menucascade

    Policy > Network Objects > Static Network Objects

Links appear as blue text.

Glossary terms appear as green text. Click the term to jump to the respective section in the glossary.

The following types of notes are used to indicate additional information or call attention to a particular point:


This note contains useful tips that make your work easier.


This note contains important information.


This note contains information that is very important to consider. If it is not observed, network security may be at risk.