Threat Prevention Threat Emulation
In the settings of the Threat Emulation Software Blade for the plan, enable the gateways to scan for infected files.
Note - Threat Emulation is supported only for 700/1400/1200R appliances with version R77.20.51 and higher.
You can override the Threat Emulation Software Blade settings in a plan for a specified gateway. You must first unlock the Threat Emulation from the plan.
To configure the Threat Emulation Software Blade settings of a plan:
-
Go to Home > Plans.
-
Click the plan name.
The Edit page opens.
-
Click Security Software Blades > Threat Emulation.
-
Select Manage in SMP.
-
Select On.
-
Select the HTTP Connection handling mode:
-
Background - Allows traffic to pass while it is inspected (default). This option has less impact on performance.
-
Hold - Traffic cannot pass until it is inspected and found not to contain malicious files. This option can impact performance but is more secure.
-
-
Click Detect-only mode to monitor Threat Emulation protection matches. Clear to implement Threat Emulation protections on the gateways.
-
Click Save.
To override the Threat Emulation settings set by a plan:
-
Go to Home > Gateways.
-
Click the gateway name.
The Edit page opens.
-
Click Security Software Blades > Threat Emulation.
-
If the Threat Emulation settings are locked, click Unlock from plan.
-
To stop remote management of the blade, clear Manage in SMP.
-
Make necessary changes to the mode (see above).
-
Click Save.
To connect to the appliance:
-
Go to Home > Gateways.
-
Click the gateway name.
The Edit page opens.
-
Click Security Software Blades > Threat Emulation.
-
Click Access Gateway: Threat Prevention.
A browser page opens and shows the progress of the SMP connection to the gateway. The appliance opens on the Threat Emulation page. You can now update the local appliance.
Note - If a local administrator is already logged in to the appliance, click OK to override that connection. Click Cancel to cancel your login attempt.
