Policy Configuration : Configuring Security Services Settings

Enabling Intrusion Prevention Services
To configure IPS settings for one or more SonicWALL appliances, complete the following steps:
1
2
Expand the Security Services tree and click Intrusion Prevention. The Intrusion Prevention page appears.
 
3
Check Enable IPS to enable the service.
4
5
Configure the following settings for High Priority Attacks in the IPS Settings area:
To prevent the log from becoming overloaded with entries for the same attack, enter a value in the Log Redundancy Filter field. For example, if you entered a value of 30 seconds and there were 100 SubSeven attacks during that period of time, only one attack would be logged during that 30 second period.
6
Repeat Step 5 for the remaining categories as applicable, including Medium Priority Attacks, Low Priority Attacks, IM (Instant Messaging) Applications, and P2P (Peer-to-Peer) Applications.
7
Click Configuring IPS Settings to choose one of the following options:
If Prevent Invalid Checksum is enabled, the SonicWALL security appliance automatically drops and resets the connection, to prevent the traffic from reaching its destination.
If Detect Invalid Checksum is enabled, the SonicWALL security appliance logs and alerts any traffic, but does not take any action against the traffic. The connection proceeds to its intended destination.
8
9
10
When you are finished, click Update. The settings are changed for each selected SonicWALL appliance. To clear all screen settings and start over, click Reset.