https://live.paloaltonetworks.com/t5/general-topics/vulnerability-protection-signatures/m-p/235551#M67530 <P>Hello,</P><P>We block anything medium and higher. I have found that blocking low and information blocks legit traffic so test before production.</P><P>&nbsp;</P><P>Regards,</P> Tue, 16 Oct 2018 16:09:23 GMT OtakarKlier 2018-10-16T16:09:23Z https://live.paloaltonetworks.com/t5/general-topics/vulnerability-protection-signatures/m-p/235470#M67517 <P><U>Is there a PA best practice regarding how to handle Vulnerability Protection signatures with severity ratings of high in custom profiles? Should rule actions be Drop, Reset-Both etc</U></P> Tue, 16 Oct 2018 12:10:28 GMT https://live.paloaltonetworks.com/t5/general-topics/vulnerability-protection-signatures/m-p/235470#M67517 RonaldRichter 2018-10-16T12:10:28Z https://live.paloaltonetworks.com/t5/general-topics/vulnerability-protection-signatures/m-p/235534#M67526 <P>Hey&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/80829">@RonaldRichter</a></P><P>&nbsp;</P><P>As a best practice, we like to have three sets of all the security profiles that accommodate for the different types of traffic that your firewall allows including Outbound, Inbound and Internal traffic.</P><P>&nbsp;</P><P>For vulnerability profiles specifically, we block "Critical", "High" and "Medium" threats for both Inbound and Outbound traffic, then for Internal traffic we only block Critical and High.</P><P>&nbsp;</P><P><A href="https://www.paloaltonetworks.com/documentation/80/best-practices/best-practices-internet-gateway/best-practice-internet-gateway-security-policy/create-best-practice-security-profiles" target="_blank">https://www.paloaltonetworks.com/documentation/80/best-practices/best-practices-internet-gateway/best-practice-internet-gateway-security-policy/create-best-practice-security-profiles</A></P><P>&nbsp;</P><P>Thanks,</P><P>Luke.</P> Tue, 16 Oct 2018 15:46:36 GMT https://live.paloaltonetworks.com/t5/general-topics/vulnerability-protection-signatures/m-p/235534#M67526 LukeBullimore 2018-10-16T15:46:36Z https://live.paloaltonetworks.com/t5/general-topics/vulnerability-protection-signatures/m-p/235551#M67530 <P>Hello,</P><P>We block anything medium and higher. I have found that blocking low and information blocks legit traffic so test before production.</P><P>&nbsp;</P><P>Regards,</P> Tue, 16 Oct 2018 16:09:23 GMT https://live.paloaltonetworks.com/t5/general-topics/vulnerability-protection-signatures/m-p/235551#M67530 OtakarKlier 2018-10-16T16:09:23Z https://live.paloaltonetworks.com/t5/general-topics/vulnerability-protection-signatures/m-p/236825#M67860 <P>Thanks for the input!</P> Wed, 24 Oct 2018 11:41:43 GMT https://live.paloaltonetworks.com/t5/general-topics/vulnerability-protection-signatures/m-p/236825#M67860 RonaldRichter 2018-10-24T11:41:43Z