Configuring IPS Policies

Policy Configuration : Configuring Security Services Settings

Configuring IPS Policies

This section allows the administrator to configure settings for individual attacks.

1

Locate the type of attack that you would like to view. To sort by category, select a category from the Categories list box. To sort by priority, select a priority level from the Priority list box.

2

After locating a type of attack to configure, click its Configure Icon ().

The Configure IPS dialog box appears.

3

Select whether attack detection for this type of attack is enabled, disabled, or uses the default global settings for the attack category from the Prevention list box.

4

Select whether attack prevention for this type of attack is enabled, disabled, or uses the default global settings for the attack category from the Detection list box.

5

Select which users or groups to include for this attack type in the Included Users/Groups list box.

6

Select which users or groups to exclude for this attack type in the Excluded Users/Groups list box.

7

Select an IP address range to include for this attack type in the Included IP Address Range list box.

8

Select an IP address range to exclude for this attack type in the Excluded IP Address Range list box.

9

Select a time range to enforce attack protection on this attack type from the Schedule list box.

10

Enter a timespan (in seconds) to run the Log Redundancy Filter (seconds) field, or select Use Category Settings.

11

When you are finished, click Update. You are returned to the Intrusion Prevention page.

12

Repeat Steps 2 through 16 for each attack to edit.

13

To reset all attacks to their default settings, click Reset ALL IPS Settings and Policies.