Advanced Threat Prevention Engine Settings
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|291
n
FTP - Disabled by default.
To activate FTP:
a. In the WebUI go to Home > Security Dashboard and turn on the Anti-Virus
Software Blade.
b. Connect to the command line and run this command:
set threat-prevention anti-virus policy protocol-ftp
true
c. Install Policy.
You must activate the SSL traffic inspection to scan HTTP and IMAP encrypted traffic.
To activate, click the link or go to Access Policy > SSL Inspection Policy.
3. Select one of the file type policy options:
n
Process file types known to contain malware
n
Process all file types
n
Process specific file type families - Click Configure for a list of file types and set
prescribed actions to take place when these files pass through the Anti-Virus
engine. To edit an action for a specified file type, right-click the row and click Edit.
The available actions are:
l
Scan - The Anti-Virus engine scans files of this type.
l
Block - The Anti-Virus engine does not allow files of this type to pass through
it.
l
Pass - The Anti-Virus engine does not inspect files of this type and lets them
pass through.
You cannot delete system defined file types. System defined file types are
recognized by built-in signatures that cannot be edited. Manually defined file
types are recognized by their extension and are supported through the web
and mail protocols.
4. You can set policy overrides to override the general policy setting defined on the Threat
Prevention Blade Control page. For each of the below protection type options, you can
set the applicable override action: Ask, Prevent, Detect, Inactive, or According to policy
(no override). See the Threat Prevention > Threat Prevention Blade Control page for a
description of the action types.
n
URLs with malware - Protections related to URLs that are used for malware
distribution and malware infection servers.
To Next Page
Loading...
