Malware Policies allow you to remediate malware threats separately from policy violations.
To create a Malware Policy:
- Go to Policy > Malware Policies.
- Click Actions > Create a Malware Policy.
- In the Create a Malware Policy page, enter a name for the new Policy, and add an optional Description.
- For Services, click and select the service instance you want to scan.
- For Users, allow the default All Users, or click Edit and choose an option. Click Save.
- For User Groups, allow the default All User Groups, or click Edit and choose a subset of User Groups. Click Done.
- Click Next.
- On the next page, under Rules, choose an option for If and. Next, you can choose to add an And field to the rule.
- Malware Confidence levels are Very High, High, Medium, Low, and Very Low. They match that level and any level higher than that. For example:
- A file with a Malware Confidence of High would match a rule that is High, Medium, Low, or Very Low.
- A file with a Malware Confidence of Low would match a rule that is Low or Very Low.
- It is best practice to create the policy with rules in descending order of Malware Confidence.
- Select an Assign Severity option for Then: Critical, Major, Minor, Warning, or Info. Click Next.
- Add an optional Exception. Choose an option for Except, then click Next.
- In the Responses page, choose an option for If, and add select an option for Then. Click And to specify additional response actions. Click Next.
- Review the policy. Then click Save to activate the policy.