Configuring Anti-Bot Policy Rules; Activating The Anti-Bot Component - Check Point HARMONY R81 Administration Manual

Configuring Anti-Bot Policy Rules

For each Action in a rule, select an option, which defines the Action behavior. You can select a
predefined Action option or select New to define a custom Action option.
Right-click an Action and select Edit or Edit Shared Action to change the Action behavior.
Changes to policy rules are enforced only after you install the policy.

Activating the Anti-Bot Component

Define the prevention and detection settings for the Anti-Bot component. The automatic
options are:
n Prevents high confidence bots, detects all - All bots are detected and logged. Anti-Bot
only blocks activity when it is almost certain that the activity is malicious (high
confidence). This is the default.
n Anti-bot detection is enabled -All bots are detected and logged but not blocked.
n Anti-bot is not active - Client computers are not monitored for bot activity.
The confidence level is how sure Endpoint Security is that activity is malicious. High
confidence means that it is almost certain that the activity is malicious. Medium confidence
means that it is very likely that the activity is malicious.
In the Blade Activation action, you can manually change the settings for each confidence
level.
Select actions for High Confidence, Medium Confidence, and Low Confidence bots:
n Prevent - Blocks bots.
n Detect - Logs information about bots, but does not block them.
Inactive - Ignores bots (does not prevent or detect them).
n
Configuring Anti-Bot Policy Rules
R81 Harmony Endpoint Server Administration Guide | 334