Security Profile default actions

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Security Profile default actions

Not applicable

Once again I find myself searching for documentation, once again I am disappointed. There have been a couple posts over the years asking to see the magical "default actions" and the standard answer is "here's how, go look yourself"

This is an unacceptable answer. Someone has the list - what's the secret? I'll bet it's even updated regularly.

Come on guys.

1 accepted solution

Accepted Solutions

L4 Transporter

There is no secret. The default actions for vulnerability protection and anti-spyware signatures have been available on the profile either under the custom signatures or under the exceptions area (depending on your PAN-OS version). For antivirus, the default action is always set to block. We are also working on an easier and automated method to make this and other threat meta data available in an upcoming PAN-OS release.  

Alfred

View solution in original post

5 REPLIES 5

L4 Transporter

There is no secret. The default actions for vulnerability protection and anti-spyware signatures have been available on the profile either under the custom signatures or under the exceptions area (depending on your PAN-OS version). For antivirus, the default action is always set to block. We are also working on an easier and automated method to make this and other threat meta data available in an upcoming PAN-OS release.  

Alfred

I know it's not a secret, I was being very facetious.

I understand how to find what I am looking for. What I do not enjoy is

having to going through hundreds of pages with a slow interface where

I can only see a few selections at a time, taking notes or screen

shots, to find what has to be documented somewhere at Palo Alto.

Love the part about easier. However, someone has created the document

that describes the list of default actions for Antispyware and

Vulnerability Prevention. This is what customers are looking for, and

I have been asked a number of times what that is. I have started the

process a couple times but never got far before being called off to do

some real work. Having to create a document of the 2,434 Spyware and

4,251 Vulnerabilities in this way will take many hours.

Is there a better way to list the default actions that are not alert?

The search criteria "action contains" does not like "default (anything

in parenthesis)" - it matches everything.

It's got to be out there, and it cannot be hard to find. Someone set

up the defaults - where is the document they used to do the

configuration?

Not applicable

Dear Palo Alto,

Someone PLEASE provide this information, many of your customers really need this to efficiently explain what will happen when we enable these features.  Currently my mgmt will only allow us to alert until I can provide data that explains what "Default" really means.

Thank You

Rob

Not applicable

Is this document available yet.  I could really use it as well.


Now that PAN-OS 5 is out is there a better method for accessing this information without having to manual key this in on the Exceptions GUI?

  • 1 accepted solution
  • 4009 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!