Anti-malware profiles protect against worms and viruses. administrators can enable or disable logging for this profile, but the profile cannot be deleted. This profile can be used by all policies to provide protection from malware and to stop other threats to administrators networks. Once the Global Anti-Malware security profile is enabled in a policy, network-connection scans ensure content is malware free.

Each security policy can specify whether or not to use the global anti-malware profile. That identifies which applications are inspected for malware and the action taken when malware is detected. The default profile inspects all of the listed protocol decoders for malware and takes the action determined by the policy (block or monitor), depending on the type of malware detected.