What can I do here?
Use this window to configure:
Getting Here - Security Policies > Threat Prevention > Policy > Threat Tools > Profiles > Profile > Edit > Threat Extraction > General |
On the Threat Extraction > General page, you can configure these settings:
Note - This option is only configurable when the Threat Emulation blade is activated in the General Properties pane of the profile.
Select a message to show the user when the user receives the clean file. In this message, the user selects if they want to download the original file or not. To select the success or cancelation messages of the file download, go to Manage & Settings > Blades > Threat Prevention > Advanced Settings > UserCheck. You can create or edit UserCheck messages on the UserCheck page.
Send Original Mail is added to the message body.
Click Configure to set the maximum MIME nesting level for emails that contained nested MIME content.
Click Configure to select which malicious parts the blade extracts. For example, macros, JavaScript, images and so on.
Converts the file to PDF, and keeps text and formatting.
Best Practice - If you use PDFs in right-to-left languages or Asian fonts, preferably select Extract files from potential malicious parts to make sure that these files are processed correctly.
Set a low, medium or high confidence level. This option is only configurable when the Threat Emulation blade is activated in the General Properties pane of the profile.
Select this option if you want to configure a different extraction method for certain file types. Click Configure to see the list of enabled file types and their extraction methods. To change the extraction method for a file type, right-click the file type and select: bypass, clean or convert to pdf.
Notes: