Managing Threat Prevention
Quantum Spark 1500, 1600 and 1800 Appliance Series R80.20.40 Locally Managed Administration Guide | 199
One policy is configured for all the blades:
n
Strict - Focuses on security.
n
Recommended - The default option, which gives the best mixture of security and performance for
small/medium sized business.
Note - The performance impact for the "Suspicious Mail Activity" protection in Anti-Bot was changed
to High and is now off by default. To enable this protection, you must configure it in a custom policy.
n
Custom - Manually defined by the user.
To create a custom policy for Threat Prevention:
1. In the Threat Prevention Blade Control page, under Policy, select Custom.
2. For Tracking options, select one of these options:
n
None – Do not log.
n
Log – Create a log.
n
Alert – Log with an alert.
3. Under Protection Activation, for each confidence level (High confidence, Medium confidence, and
Low confidence), select the applicable action from the list:
n
Ask - Traffic is blocked until the user confirms it is allowed.
n
Prevent - Blocks identified virus or bot traffic, or identified malicious files, from passing through
the gateway.
n
Detect - Allows identified virus or bot traffic, or identified malicious files, to pass through the
gateway. This traffic is detected and logged.
n
Inactive - The protection is deactivated.
4. For Severity, select the level:
n
Low or above
n
Medium or above
n
High or above
n
Critical
5. For Performance impact, select the allowed impact level:
n
Low
n
Medium or lower
n
High or lower
6. To load the policy default values, click Load default settings:
n
Recommended
n
Strict
7. To save all settings on the Threat Prevention Blade Control page, click Apply.
To Next Page
Loading...
Need help?
General
