Set Up Antivirus, Anti-Spyware, and Vulnerability Protection
Where Can I Use
This?
What Do I Need?
Prisma Access
NGFW
Advanced
Threat Prevention or Threat Prevention License
Every Palo Alto Networks next-generation firewall comes with
predefined Antivirus, Anti-Spyware, and Vulnerability Protection profiles that
you can attach to Security policy rules. There is one predefined
Antivirus profile,
default
, which uses the
default action for each protocol (block HTTP, FTP, and SMB traffic
and alert on SMTP, IMAP, and POP3 traffic). There are two predefined
Anti-Spyware and Vulnerability Protection profiles:
default
—Applies the default action
to all client and server critical, high, and medium severity spyware/vulnerability
protection events. It does not detect low and informational events.
strict
—Applies the block response
to all client and server critical, high and medium severity spyware/vulnerability
protection events and uses the default action for low and informational
events.
To ensure that the traffic entering your network is free from
threats, attach the predefined profiles to your basic web access
policies. As you monitor the traffic on your network and expand
your policy rulebase, you can then design more granular profiles
to address your specific security needs.
Use the following workflow to set up the default Antivirus, Anti-Spyware,
and Vulnerability Protection Security Profiles.
