For each threat signature and Antivirus signature that is defined by Palo Alto Networks, a default action is specified internally. Typically, the default action is an alert or a reset-both. The default action is displayed in parenthesis, for example default (alert) in the threat or Antivirus signature.
Permits the application traffic.
Generates an alert for each application traffic flow. The alert is saved in the threat log.
Drops the application traffic.
For TCP, resets the client-side connection. For UDP, drops the connection.
For TCP, resets the server-side connection. For UDP, drops the connection.
For TCP, resets the connection on both client and server ends. For UDP, drops the connection.