Specifying Global Attack Level Protection

SonicWall IPS allows you to globally manage your network protection against attacks.

Setting Global Attack Level Protection
To set global attack level protection:
1. Go to the IPS Global Settings section of the Security Services > Intrusion Prevention page.
2. For each class of attack in the Signature Groups table (High Priority Attacks, Medium Priority Attacks, and Low Priority Attacks), select the Prevent All checkbox. Attacks belonging to an enabled group are prevented.
   CAUTION: Leaving the High Priority Attacks, Medium Priority Attacks, and Low Priority Attacks signature groups with no Prevent All action checked means no intrusion prevention will occur on the SonicWall security appliance.
3. For each class of attack in the Signature Groups table, select the Detect All checkbox. Attacks belonging to an enabled group are logged.
4. Optionally, specify the number of seconds to delay between log entries for the same detected attack in its Log Redundancy Filter (seconds) field. The default for High Priority Attacks and Medium Priority Attacks is 0 seconds (every attack is logged), and for Low Priority Attacks it is 60 seconds.
5. Click Apply at the top of the page to protect your network against the most dangerous and disruptive attacks.
Configuring a SonicWall IPS Exclusion List

Traffic from any IP address in the exclusion list bypasses IPS scanning. The AV IPS List provides the ability to define a range of IP addresses whose traffic will be excluded from SonicWall IPS scanning.

To add an IP address range for exclusion:
1. In the IPS Global Settings section, click the Configure IPS Settings button. The IPS Config View dialog displays.
2. Click the Enable IPS Exclusion List checkbox to enable the exclusion list feature. The radio button and Add… button for Use Address Range become active. You can do any or all of the following:
   Add multiple ranges to the IPS Exclusion List table as described in Adding a range to be excluded.
Adding a range to be excluded
3. Click the Add… button. The Add IPS Range Entry dialog displays.
4. Enter the IP address range in the IP Address From and IP Address To fields, then click OK. Your IP address range is added to the IPS Exclusion List table and the window closes. The message, The configuration has been updated., displays in the status line.
5. To add other ranges to the IPS Exclusion List table, repeat Step 1 through Step 4 for each range to be excluded.
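
Because every address in the IPS Exclusion List bypasses IPS scanning, it helps to review the From/To pairs before entering them. The following Python script is an added example, not SonicWall code: it flags reversed bounds, overly broad ranges, overlapping entries, and ranges that cover hosts you consider critical. The sample ranges, the critical-host list, and the 256-address threshold are assumptions made for illustration.

```python
import ipaddress

# Constructed sample entries: (IP Address From, IP Address To) pairs as typed
# into the Add IPS Range Entry dialog. Not taken from a real appliance.
EXCLUSIONS = [
    ("10.1.20.10", "10.1.20.19"),
    ("10.1.20.15", "10.1.20.40"),        # overlaps the first entry
    ("192.168.0.0", "192.168.255.255"),  # very broad
    ("172.16.5.9", "172.16.5.2"),        # From is above To
]
# Hypothetical hosts that should never bypass IPS scanning.
CRITICAL = ["10.1.20.25", "192.168.7.5", "10.9.9.9"]
MAX_ADDRESSES = 256  # assumed review threshold, not a SonicWall limit


def audit(exclusions, critical, max_addresses=MAX_ADDRESSES):
    """Return (entry_index, finding) tuples for a list of exclusion ranges."""
    hosts = [ipaddress.ip_address(h) for h in critical]
    findings, seen = [], []
    for i, (start, end) in enumerate(exclusions):
        lo, hi = ipaddress.ip_address(start), ipaddress.ip_address(end)
        if lo.version != hi.version or lo > hi:
            findings.append((i, "invalid range"))
            continue
        size = int(hi) - int(lo) + 1
        if size > max_addresses:
            nets = ipaddress.summarize_address_range(lo, hi)
            cidrs = ", ".join(str(n) for n in nets)
            findings.append((i, f"broad: {size} addresses ({cidrs})"))
        for h in hosts:
            if h.version == lo.version and lo <= h <= hi:
                findings.append((i, f"covers critical host {h}"))
        for j, plo, phi in seen:
            if plo.version == lo.version and lo <= phi and plo <= hi:
                findings.append((i, f"overlaps entry {j}"))
        seen.append((i, lo, hi))
    return findings


if __name__ == "__main__":
    for idx, finding in audit(EXCLUSIONS, CRITICAL):
        start, end = EXCLUSIONS[idx]
        print(f"entry {idx} ({start} - {end}): {finding}")
```
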
Modifying an IPS Exclusion List table entry
1. To change an entry, in the Configure column, click the Edit icon for that entry. The Edit IPS Range Entry dialog displays.
2
3. Click OK. The modifications are made to the IPS Exclusion List table and the window closes. The message, The configuration has been updated., displays in the status line.
4
Deleting entries in the IPS Exclusion List table
1. To delete an entry from the IPS Exclusion List table, click the Delete icon. To delete all the excluded ranges, click the Delete All button. A warning message displays, asking for confirmation of the deletion.
2. Click OK. The entry is removed from the IPS Exclusion List table and the window closes.
Selecting an address object to be excluded
1. In the IPS Exclusion List section, click the Use Address Object radio button. The drop-down menu becomes available.
2

3. Click OK to select the address object and exit the IPS Config View window. The message, The configuration has been updated., displays in the status line.
Resetting IPS Settings and Policies

You can reset all your IPS Settings to factory default values by clicking the Reset IPS Settings & Policies button. A warning message displays.

To completely remove your IPS Settings and Policies and restore the factory default values, click OK. Otherwise, click Cancel.