Configuring Threat Prevention Policy Exceptions
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|282
n
Service/Port - Type of network service. If you make an exception for a specified
protection on a specific service/port, you might cause the protection to be
ineffective.
n
Action - Select the applicable action to enforce on the matching traffic: Ask,
Prevent, Detect or Inactive. See the Threat Prevention > Threat Prevention
Blade Control page for a description of the action types.
n
Log - Select the tracking option: None, Log, or Alert. Logs are shown on the Logs
& Monitoring > Security Logs page. An alert is a flag on a log. You can use it to
filter logs.
4. Optional - Add a comment in the Write a comment field.
5. Click Apply
allowlists
You can set specified files and URLs that the Anti-Virus, Anti-Bot and Threat Emulation blades
do not scan or analyze. For example, if there are files that you know are safe but can create a
false positive when analyzed, add them to the Files allowlist.
Threat Emulation only: You can set specified email addresses that the blade does not scan
and add them to the Email Addresses allowlist.
To add a file or URL to the allowlist:
1. Select Files allowlist or URLs allowlist.
2. Click New.
The Add File or Add URL window opens.
3. For a file, enter the MD5 checksum that gives the digital signature for a specified file.
4. For a URL, enter the URL.
5. Click Apply
To add an email address to the allowlist:
1. Select Email Addresses allowlist.
2. Click New.
The Add Email Address window opens.
3. Enter the email address.
4. For Type, select Sender or Recipient.
5. Click Apply
To Next Page
Loading...
