Reference Guide
Security Management Server v10.2.11 AdminHelp
level, the higher the number of malware detections. However, allowing more detections might result in
more false positive results.
The following values can be set:
Disable - Samples are not submitted to the Reputation Service lab.
Very Low - A detection is made available to Threat Protection when the Reputation Service lab
publishes it instead of waiting for the next file update. Average of 10-15 queries per day, per computer.
Low - This setting is the minimum recommendation for laptops or desktops and servers with a strong
security footprint. This setting results in an average of 10-15 queries per day, per computer.
Medium - Use this level when the regular risk of exposure to malware is greater than the risk of a false
positive. This setting is the minimum recommendation for laptops or desktops and servers. Average of
20-25 queries per day, per computer.
High - Use this setting for deployment to systems or areas which are regularly infected. This setting
results in an average of 20-25 queries per day, per computer.
Very High - Dell recommends using this level only for scanning volumes and directories that do not
support executing programs or operating systems. Detections found with this level are presumed
malicious, but have not been fully tested to determine if they are false positives. Use this setting for on-
demand scans on non-operating system volumes. This setting results in an average of 20-25 queries
per day, per computer.
For more detail about Threat Protection policies, see Windows Threat Protection
.
Client Firewall Policies
The Client Firewall is a stateful firewall that checks all incoming and outgoing traffic against its list of
rules. If the traffic matches all criteria in a rule, the Client Firewall acts according to the rule, blocking or
allowing traffic through the firewall.
Configurable options and rules define how the Client Firewall works. When the master policy, Client
Firewall, is set to On, you can select View/Edit in the Settings and Rules policy to view or configure an
extensive set of Client Firewall options and rules.
Client Firewall options
Options include which subsets of traffic to block or allow and logging settings, as well as timeout
parameters for TCP, UDP, and ICMP connections.
Client Firewall rules
Client firewall rules define specific handling of network traffic. Each rule provides a set of conditions that
traffic must meet and an action to allow or block that traffic. When Client Firewall finds traffic that
matches a rule’s conditions, it performs the associated action.
Client Firewall uses precedence to apply rules and applies the rule at the top of the firewall rules list.
1. If the traffic meets the conditions of the rule at the top of the list, Client Firewall allows or blocks
the traffic. It does not try to apply any other rules in the list.
2. If the traffic does not meet the first rule’s conditions, Client Firewall continues to the next rule in
the list until it finds a rule that the traffic matches.
3. If no rule matches, the firewall automatically blocks the traffic.
For a list of Client Firewall rules and their descriptions, see Client Firewall Settings and Rules
.
Web Protection Policies
247