Information
If a single rule exists within the anti-spyware profile, configure it to block on any spyware severity level, any category, and any threat. If multiple rules exist within the anti-spyware profile, ensure all spyware categories, threats, and severity levels are set to be blocked. Additional rules may exist for packet capture or exclusion purposes.
Rationale:
Requiring a blocking policy for all spyware threats, categories, and severities reduces the risk of spyware traffic from successfully exiting the organization. Without an anti-spyware profile assigned to any potential hostile zone, the first protection in the path against malware is removed, leaving in most cases only the desktop endpoint protection application to detect and remediate any potential spyware.
Solution
Navigate to Objects > Security Profiles > Anti-Spyware.
Set a rule within the anti-spyware profile that is configured to perform the Block Action on any Severity level, any Category, and any Threat Name.
Default Value:
Two Anti-Spyware Security Profiles are configured by default 'strict' and 'default'.