Organizations may determine that in response to malicious code detection, different actions may be warranted for different situations. For example, the network device may send different alerts, block malicious packets, block the IP address, or update the network device depending on the capabilities of the implementation. Upon detection of traffic transporting malicious code, the network device must perform organizationally defined actions to notify or prevent malicious code from further impacting the network. This requirement is applicable to specific devices and does not involve the management of a network device. |