topic Re: Configuration of Security Profiles in General Topics https://live.paloaltonetworks.com/t5/general-topics/configuration-of-security-profiles/m-p/323769#M82702 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/126345">@iscott</a>,</P><P>&nbsp;</P><P>If you set actions as "alert" then it won't block/drop connection. It will permit traffic and log that traffic. If you really want to drop specific traffic against any threat/CVE, you need to set action as "drop". Also there are other actions available that you can set. e.g. Block IP, Reset Server/client/both and allow.</P><P>&nbsp;</P><P>There are default actions set for each signature or threat id. You can override these actions as per your requirements.</P><P>&nbsp;</P><P>Hope it helps!</P><P>Mayur</P> Mon, 20 Apr 2020 06:01:32 GMT SutareMayur 2020-04-20T06:01:32Z Configuration of Security Profiles https://live.paloaltonetworks.com/t5/general-topics/configuration-of-security-profiles/m-p/323746#M82701 <P>Hello,&nbsp;</P><P>&nbsp;</P><P>I have a question related to the actions that I can configure in Security Profile. Specifically, Vulnerability Protection.&nbsp;</P><P>&nbsp;</P><P>What happens if I set the action as "Alert"? Will it drop the connection? Or the connection will be permitted, and it just logs the traffic of the malicious action executed?</P><P>&nbsp;</P><P>Regards,</P> Sun, 19 Apr 2020 23:30:28 GMT https://live.paloaltonetworks.com/t5/general-topics/configuration-of-security-profiles/m-p/323746#M82701 iscott 2020-04-19T23:30:28Z Re: Configuration of Security Profiles https://live.paloaltonetworks.com/t5/general-topics/configuration-of-security-profiles/m-p/323769#M82702 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/126345">@iscott</a>,</P><P>&nbsp;</P><P>If you set actions as "alert" then it won't block/drop connection. It will permit traffic and log that traffic. If you really want to drop specific traffic against any threat/CVE, you need to set action as "drop". Also there are other actions available that you can set. e.g. Block IP, Reset Server/client/both and allow.</P><P>&nbsp;</P><P>There are default actions set for each signature or threat id. You can override these actions as per your requirements.</P><P>&nbsp;</P><P>Hope it helps!</P><P>Mayur</P> Mon, 20 Apr 2020 06:01:32 GMT https://live.paloaltonetworks.com/t5/general-topics/configuration-of-security-profiles/m-p/323769#M82702 SutareMayur 2020-04-20T06:01:32Z