>
    Cloud Management
    Focus
    Download PDF
    Focus
    1. Home
    2. Advanced Threat Prevention
    3. Configure Threat Prevention
    4. Create Threat Exceptions
    5. Cloud Management
    Download PDF
    Advanced Threat Prevention

    Prisma Access

    Table of Contents

    Cloud Management

    1. Exclude antivirus signatures from enforcement.
      While you can use an WildFire and Antivirus profile to exclude antivirus signatures from enforcement, you cannot change the action is enforced for a specific antivirus signature. However, you can define the enforceable action when viruses are found in different types of traffic by editing the security profile
      Enforcement Actions
      .
      1. Select
        Manage
        Configuration
        NGFW and
        Prisma Access
        Security Services
        WildFire and Antivirus
        .
      2. Add Profile
         or select an existing WildFire and Antivirus profile from which you want to exclude a threat signature and go to the
        Advanced Settings
         tab.
      3. From the
        Signature Exceptions
         menu,
        Add Exception
         and provide the
        Threat ID
         for the threat signature you want to exclude from enforcement. You can optionally add notes to the signature exception.
      4. Save
         the signature exception when you are finished.
      5. A valid threat signature ID auto-populates the threat name field. You can view a complete list of active signature exceptions as well as
        Delete
         entries that are no longer necessary.
      6. Repeat to add additional exceptions or click
        Save
         after all of your threat exceptions have been added.
    2. Modify enforcement for vulnerability and spyware signatures (except DNS signatures; while they are a type of spyware signature, DNS signatures are handled through the DNS Security subscription in
      Prisma Access
      ).
      1. Select
        Manage
        Configuration
        NGFW and
        Prisma Access
        Security Services
        Anti-Spyware
         or
        Manage
        Configuration
        NGFW and
        Prisma Access
        Security Services
        Vulnerability Protection
        , depending upon the signature type.
      2. Add Profile
         or select an existing Anti-Spyware or Vulnerability Protection profile from which you want to modify the signature enforcement, and then select
        Add Override
        .
      3. Search for spyware or vulnerability signatures by providing the relevant
        Match Criteria
        . This automatically filters the available signatures and displays the results in the
        Matching Signatures
         section.
      4. Select the check box for the signature(s) whose enforcement you want to modify.
      5. Provide the updated
        Action
        ,
        Packet Capture
        , and
        IP Addresses
         that you want the modified enforcement rules to apply to for the selected signatures.
      6. Save
         your updated signature enforcement configuration.
      7. You can view a complete list of
        Overrides
         including various statistics, as well as
        Delete
         entries that are no longer necessary.

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.