• Severity - Shows the severity of the malware:
   • Low
   • Medium
   • High
   • Critical
• Protection name - Shows the Anti-Bot or Anti-Virus protection name.
• Last incident - The date of the last incident.
• Incidents - Shows the total number of incidents on the host or server in the last month. If there is a large number of records, the time frame may be shorter.
To filter the infected hosts list:
1. Click Filter.
2. Select one of the filter options:
   • Servers only - Shows only machines that were identified as servers (and not any machine/device). Servers are defined as server objects in the system from the Access Policy > Servers page.
   • Possibly infected only - Shows only hosts or servers classified as possibly infected.
   • Infected only - Shows only hosts or servers classified as infected.
   • High and above severity only - Shows hosts and servers that are infected or possibly infected with malware that has a severity classification of high or critical.
To add a malware exception rule for a specified protection:
1. Select the list entry that contains the protection for which to create an exception.
2. Click Add Protection Exception.
3. Click the links in the rule summary or the table cells to select network objects or options that
fill out the exception rule fields.
   • Scope - Select either Any or a specific scope from the list. If necessary, you can create a New network object, network object group, or local user.
     If it is necessary to negate a specified scope, select the scope and select the Any Scope except checkbox.
     For example, if the scope of the exception should include all scopes except for the DMZ network, select DMZ network and select the Any Scope except checkbox.
   • Action - Select the applicable action to enforce on the matching traffic: Ask, Prevent, Detect or Inactive. See the Threat Prevention > Threat Prevention Blade Control page for a description of the action types.
   • Log - Select the tracking option: None, Log, or Alert. Logs are shown on the Logs & Monitoring > Security Logs page. An alert is a flag on a log. You can use it to filter logs.
4. Optional - Add a comment in the Write a comment field.
5. Click Apply.
The rule is added to Malware Exceptions on the Threat Prevention > Exceptions page.
Check Point 1100/1200R/1400 Appliances Centrally Managed Administration Guide R77.20.70 | 109
Appliance Configuration