Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
SAROU237
Explorer

Threat prevention

Could you please explain me how threat prevention works ?

1)If a rule is inspected and seems weird, does the gateway apply the protection according to the profile DEFINED ?

 

Performance Impact

Performance impact is how much a protection affects the gateway performance. Some activated protections might cause issues with connectivity or performance. You can set protections to not be prevented or detected if they have a higher impact on gateway performance.

There are three options:

  • High or lower
  • Medium or lower
  • Low

2) does the gateway apply the protection if this protection have a high impact on the performance ?

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

The profile and the blades active determines precisely how the traffic is scanned (done continually) and thus what protections apply to the traffic.
The profile can be configured to activate protections based on the potential performance impact of said protection as well as the confidence level of said protection, which is with respect to the number of false positives.

0 Kudos