Modifying IPS Rules Parent topic

Procedure

  1. Go to PoliciesSecurity SettingsIPS.
  2. Select the Enable IPS security check box.
  3. Under IPS Filtering Criteria, select the minimum IPS severity level to filter. All traffic that has an equal to or greater selected severity level are filtered.
    Option Description
    1—Information Port-based traffic (examples: HTTP, SMTP).
    2—Low Policy-related signatures (examples: IM, P2P, Games)
    3—Medium Tunneling and scanning activity.
    4—High Most intrusion-related signatures.
    5—Critical Same as high severity plus very high impact to servers and end users (examples: CVE-2008-4250, Conficker).
  4. Select the date that the threat was released.
  5. Select affected operating systems.
  6. Select the IPS categories.
  7. Click Apply Filter to set the filtering criteria.
    All predefined IPS filtering rules matching the specified criteria populate in the table under Filtering Rules.
  8. Under IPS Rules, all matching criteria are automatically selected. To remove an IPS rule, deselect the check box next to the rule ID.
  9. Click OK.
    The changes are saved.