Prisma Access

  1. Exclude antivirus signatures from enforcement.
    While you can use an WildFire and Antivirus profile to exclude antivirus signatures from enforcement, you cannot change the action is enforced for a specific antivirus signature. However, you can define the enforceable action when viruses are found in different types of traffic by editing the security profile
    Enforcement Actions
    .
    1. Select
      Manage
      Configuration
      WildFire and Antivirus
      .
    2. Add Profile
      or select an existing WildFire and Antivirus profile from which you want to exclude a threat signature and go to the
      Advanced Settings
      tab.
    3. From the
      Signature Exceptions
      menu,
      Add Exception
      and provide the
      Threat ID
      for the threat signature you want to exclude from enforcement. You can optionally add notes to the signature exception.
    4. Save
      the signature exception when you are finished.
    5. A valid threat signature ID auto-populates the threat name field. You can view a complete list of active signature exceptions as well as
      Delete
      entries that are no longer necessary.
    6. Repeat to add additional exceptions or click
      Save
      after all of your threat exceptions have been added.
  2. Modify enforcement for vulnerability and spyware signatures (except DNS signatures; while they are a type of spyware signature, DNS signatures are handled through the DNS Security subscription in Prisma Access).
    1. Select
      Manage
      Configuration
      Anti-Spyware
      or
      Manage
      Configuration
      Vulnerability Protection
      , depending upon the signature type.
    2. Add Profile
      or select an existing Anti-Spyware or Vulnerability Protection profile from which you want to modify the signature enforcement, and then select
      Add Override
      .
    3. Search for spyware or vulnerability signatures by providing the relevant
      Match Criteria
      . This automatically filters the available signatures and displays the results in the
      Matching Signatures
      section.
    4. Select the check box for the signature(s) whose enforcement you want to modify.
    5. Provide the updated
      Action
      ,
      Packet Capture
      , and
      IP Addresses
      that you want the modified enforcement rules to apply to for the selected signatures.
    6. Save
      your updated signature enforcement configuration.
    7. You can view a complete list of
      Overrides
      including various statistics, as well as
      Delete
      entries that are no longer necessary.

Recommended For You