File Security Actions

File Security Profile Actions

When creating File Rules within a File Security Profile (FSP), actions must be applied to each File Matcher rule. File Matcher rules are processed in the order of rule priority, which is top-down.

The following actions can be applied to each File Matcher:

  • Allow - This action will allow the file to pass, logging the event and file information.
  • Block - This action will block the file from passing, logging the event and file information.
  • Fast Scan - This action will apply static analysis and hash-based malware scanning engines to matched files. This method of malware scanning has the least impact on the end user's experience. Files with malware detected will be blocked and logged.
  • Deep Scan - This action directs the matched file to the Atmos Sandbox engine, where the file will be dynamically analyzed to detect deeply embedded malware that requires executing or opening the file to trigger an attack. Files with malware detected will be blocked and logged.

📘

Note

  • The Deep Scan feature is under limited release. For more information contact Axis Support: [email protected].