Antivirus Security Profile Exception

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Antivirus Security Profile Exception

L1 Bithead

I want to create an exception action for a specific antivirus ID (which happens to be outbound traffic). The default action is “alert” and I want this one ID to be “drop”. This is possible for the spyware and vulnerability profiles, but my problem is that it looks like the antivirus security profile exceptions are ONLY “allow”. How can I configure the PA to “drop” only one specific antivirus-ID?


L5 Sessionator

Hello John,

As far as I know you can do an exception based on application and specify whatever action you want but not specific to an ID for antivirus profile.


Hari Yadavalli

Yes, I think I can specify an action for an entire "application" that registers any virus, but that is very broad and this would cover ALL virus-signatures for all SMTP traffic (In this case) and I don’t really want to do that. Is there any way to apply finer granularity to it?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!