[For your protection, some features and settings discussed in this documentation may be controlled by your security administrator.]

Essentially recommended action means that you want Microsoft Forefront Endpoint Protection 2010 to handle this alert level according to Microsoft’s recommendation. When Forefront Endpoint Protection detects a threat or potential threat, it takes the action specified as the Default Action in Settings. Unless you change the Default Actions associated with each alert level Forefront Endpoint Protection applies the recommended action. The recommended action is a specific action recommended by Microsoft for dealing with a specific threat or potential threat. It is associated with the definition specific to a particular threat. Usually, recommended actions are related to the detected item’s severity level: severe, high, medium, or low (see Understanding alert levels) For example, in most cases, the recommended action associated with a high-severity alert is to remove the detected threat. However, even in the case of a high-severity alert, the recommended action might be to allow the detected threat.

Tip:
Unless you have a deep understanding of malware and their definitions, you should use the recommended actions to help protect your computer from threats.

Related Topics