SonicOS 7.0 Security Services Administration Guide

Anti-Spyware Service > Signature Groups
Table of Contents

Signature Groups

  • You can select different protection for each of three different danger levels:
    • High Priority Spyware
    • Medium Priority Spyware
    • Low Priority Spyware

  • Prevent All - Select this option to detect, log, and prevent all attacks of this level.

    SonicWall recommends enabling Prevent All for High Danger Level Spyware and Medium Danger Level Spyware signature groups to provide anti-spyware protection against the most damaging and disruptive spyware applications. You can also enable Detect All for spyware logging and alerting.

  • Detect All - Select this option to detect and log only.
  • Log Redundancy Filter (Seconds) - To prevent the log from becoming overloaded with entries for the same attack, enter a value in the field. For example, if you entered a value of 30 seconds and there were 100 SubSeven attacks during that period of time, only one attack would be logged during that 30 second period.
  • Configure Settings - This is one of the buttons below the attack level chart. It display the Anti-Spyware Settings dialog box.
    • Anti-Spyware Settings
      • Disable SMTP Responses - Click this checkbox to suppress the sending of email messages (SMTP) to clients from SonicWall Anti-Spyware when a virus is detected in an email or attachment.
    • HTTP Clientless Notification
      • Enable HTTP Clientless Notification Alerts - Checking this box allows the message in the box below to be shown when blocking a request.
    • Anti-spyware Exclusion List
      • Enable Anti-Spyware Exclusion List - Click this checkbox to allow the spyware to be limited by an exclusion list. The security appliance bypasses Anti-Spyware enforcement for a specified address object or IP range. Selecting this box makes the next fields available to identify the addresses of the excluded objects.
      • Select an address object or an address range to add to the exclusion list.
  • Update Signature Database - Click to refresh the list on the lower part of this page. A dialog box appears requesting more information about the schedule for your changes.
  • Reset Settings - Click to reset the settings to the factory defaults. A dialog box appears requesting more information about the schedule for your changes.