This video explains why it is a best practice to set the action to default, including information about anti-spyware and Low Informational Profile.
Different threat severities require actions and anti-spyware profiles. Attaching an anti-spyware profile to all allowed traffic detects command-and-control traffic initiated from malicious code running on a server or endpoint and prevents compromised systems from establishing an outbound connection from your network. The Low Informational Profile best practice check ensures that low and informational severity events is set the action to default.
For additional resources regarding BPA, visit our LIVEcommunity BPA tool page.
View videos regarding BPA Network best practice checks.
View videos regarding BPA Policies best practice checks.
View videos regarding BPA Objects best practice checks.
View videos regarding BPA Devices best practice checks.
You may also view other BPA video playlist on the LIVEcommunity YouTube channel.