Features
Integrated in Minutes, Without Agent or Appliance
Why Cybora uses existing external-list, alias, and threat-feed functions instead of placing a new system inside the network.
Last updated: June 26, 2026
On this page
Cybora is built as a feed service for existing firewalls. A typical integration consists of an HTTPS URL that the firewall retrieves regularly and stores in a native list, alias, External Dynamic List, or threat-feed object.
This is intentionally simple. No agent, appliance, sidecar system, or complex API integration is required inside the customer network.
Why native functions matter
Native firewall functions have several advantages:
- they fit into existing operations and change processes
- they are monitored and updated by the firewall vendor
- they are visible and understandable to admins
- they do not require an additional network component
- they integrate with existing policies, logs, and backups
Cybora delivers the feed. Enforcement happens on the firewall wherever the platform natively supports external lists.
Typical workflow
The technical workflow is usually similar:
- Copy the feed URL with the license key.
- Choose the relevant indicator type:
ipv4,domain, orurl. - Add the URL to the firewall’s native list function.
- Set the polling interval according to the plan.
- Reference the list in a policy.
- Verify retrieval, import, and matches in logs.
Firewall-specific details are documented in the guides under Firewalls.
Limits
Not every firewall supports every indicator type equally well. Some platforms process IP lists very well, but cannot enforce URL lists from an external source. Feed type and firewall function must therefore fit together. More about this is documented in IPv4, Domains, and URLs.