Configuring Threat Prevention Policy Exceptions
Quantum Spark 1500, 1600, and 1800 Appliances R81.10.X Locally Managed Administration Guide|199
allowlists
You can set specified files and URLs that the Anti-Virus, Anti-Bot and Threat Emulation blades do not scan
or analyze. For example, if there are files that you know are safe but can create a false positive when
analyzed, add them to the Files allowlist.
Threat Emulation only: You can set specified email addresses that the blade does not scan and add them to
the Email Addresses allowlist.
To add a file or URL to the allowlist:
1. Select Files allowlist or URLs allowlist.
2. Click New.
The Add File or Add URL window opens.
3. For a file, enter the MD5 checksum that gives the digital signature for a specified file.
4. For a URL, enter the URL.
5. Click Apply
To add an email address to the allowlist:
1. Select Email Addresses allowlist.
2. Click New.
The Add Email Address window opens.
3. Enter the email address.
4. For Type, select Sender or Recipient.
5. Click Apply
To edit or delete an exception rule:
1. Select the relevant rule.
2. Click Edit or Delete.
Threat Prevention - Horizon SOC
The Check Point Horizon SOC (sk164332) is supported from R81.10.00 in the Locally Managed mode.
Horizon SOC enables cybersecurity teams to effectively and efficiently prevent, detect and respond to all
threats. Horizon SOC doubles the effectiveness of SOC teams by automating time-consuming tasks,
allowing security teams to focus on remediation and attack prevention.
You can enable the Horizon SOC feature in the WebUI or through Gaia Clish commands.
To Next Page
Loading...
