Viewing Infected Devices
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|287
To add a malware exception rule for a specified protection
1. Select the list entry that contains the protection for which to create an exception.
2. Click Add Protection Exception.
3. Click the links in the rule summary or the table cells to select network objects or
options that fill out the exception rule fields.
n
Scope - Select either Any or a specific scope from the list. If necessary, you can
create a New network object, network object group, or local user.
If it is necessary to negate a specified scope, select the scope and select the
Any Scope except checkbox.
For example, if the scope of the exception should include all scopes
except
for
the DMZ network, select DMZ network and select the Any Scope except
checkbox.
Note - DMZ is not supported in 1530 / 1550 appliances.
n
Action - Select the applicable action to enforce on the matching traffic: Ask,
Prevent, Detect or Inactive.
See the Threat Prevention > Threat Prevention Blade Control page for a
description of the action types.
n
Log - Select the tracking option: None, Log, or Alert.
Logs are shown on the Logs & Monitoring > Security Logs page.
An alert is a flag on a log. You can use it to filter logs.
4. Optional - Add a comment in the Write a comment field.
5. Click Apply
The rule is added to Malware Exceptions on the Threat Prevention > Exceptions
page.
To view the logs of a specified entry:
1. In the Logs and Monitoring tab, select the list entry for which to view logs.
2. Click Logs.
The Security Logs page opens and shows the logs applicable to the IP/MAC address.
To Next Page
Loading...
