Set Up Antivirus, Anti-Spyware, and Vulnerability Protection

Where Can I Use This?
What Do I Need?
  • Prisma Access
  • NGFW
  • Advanced Threat Prevention or Threat Prevention License
Every Palo Alto Networks next-generation firewall comes with predefined Antivirus, Anti-Spyware, and Vulnerability Protection profiles that you can attach to Security policy rules. There is one predefined Antivirus profile,
default
, which uses the default action for each protocol (block HTTP, FTP, and SMB traffic and alert on SMTP, IMAP, and POP3 traffic). There are two predefined Anti-Spyware and Vulnerability Protection profiles:
  • default
    —Applies the default action to all client and server critical, high, and medium severity spyware/vulnerability protection events. It does not detect low and informational events.
  • strict
    —Applies the block response to all client and server critical, high and medium severity spyware/vulnerability protection events and uses the default action for low and informational events.
To ensure that the traffic entering your network is free from threats, attach the predefined profiles to your basic web access policies. As you monitor the traffic on your network and expand your policy rulebase, you can then design more granular profiles to address your specific security needs.
Use the following workflow to set up the default Antivirus, Anti-Spyware, and Vulnerability Protection Security Profiles.

Recommended For You