SonicOS 7 Action Objects
About System Predefined Default Action Objects
There are a number of system defined, default actions that are predefined by SonicOS. These default action objects cannot be edited or deleted. The default actions are displayed in the Add/Edit App Control Policy dialog when you add or edit a policy from the Policy > App Rules page.
A number of BWM action object options are available in the predefined, default action list. The BWM action options change depending on the Bandwidth Management Type setting on the Object > Profile Objects > Bandwidth page.
Several Bypass action options are available in the default action list. These are available if the indicated security services are licensed on the firewall.
See the below table for descriptions of the predefined action types. For more information about BWM actions, see About Actions Using Bandwidth Management.
Action Type | Description |
Reset / Drop | For TCP, the connection will be reset. For UDP, the packet will be dropped. |
No Action | Policies can be specified without any action. This allows “log only” policy types. |
Bypass DPI | Bypasses Deep Packet Inspection components IPS, GAV, Anti-Spyware and application control. This action persists for the duration of the entire connection as soon as it is triggered. Special handling is applied to FTP control channels that are never bypassed for application control inspection. This action supports proper handling of the FTP data channel. Note that Bypass DPI does not stop filters that are enabled on the Network > Firewall > SSL Control page. |
Packet Monitor | Use the SonicOS Packet Monitor capability to capture the inbound and outbound packets in the session, or if mirroring is configured, to copy the packets to another interface. The capture can be viewed and analyzed with Wireshark. |
Advanced BWM High | Manages inbound and outbound bandwidth, can be configured for guaranteed bandwidth in varying amounts and maximum/burst bandwidth usage up to 100% of total available bandwidth, sets a priority of one. |
Advanced BWM Medium | Manages inbound and outbound bandwidth, can be configured for guaranteed bandwidth in varying amounts (default is 50%) and maximum/burst bandwidth usage up to 100% of total available bandwidth, sets a priority of four. |
Advanced BWM Low | Manages inbound and outbound bandwidth, can be configured for guaranteed bandwidth in varying amounts (default is 20%) and maximum/burst bandwidth usage up to 100% of total available bandwidth, sets a priority of six. |
Bypass GAV | Bypasses Gateway Anti-Virus inspections of traffic matching the policy. This action persists for the duration of the entire connection as soon as it is triggered. Special handling is applied to FTP control channels that are never bypassed for application control inspection. This action supports proper handling of the FTP data channel. |
Bypass IPS | Bypasses Intrusion Prevention Service inspections of traffic matching the policy. This action persists for the duration of the entire connection as soon as it is triggered. Special handling is applied to FTP control channels that are never bypassed for application control inspection. This action supports proper handling of the FTP data channel. |
Bypass SPY |
Bypasses Anti-Spyware inspections of traffic matching the policy. This action persists for the duration of the entire connection as soon as it is triggered. Special handling is applied to FTP control channels that are never bypassed for application control inspection. This action supports proper handling of the FTP data channel. |
Bypass Capture ATP |
Provides a way to skip Capture Advanced Threat Protection (ATP) analysis in specific cases when you know the file is free of malware. This action persists for the duration of the entire connection as soon as it is triggered. This option does not prevent other anti-threat components, such as GAV and Cloud Anti-Virus, from examining the file. |
Was This Article Helpful?
Help us to improve our support portal