Views:
Purpose: Configure IPS profiles to bolster your gateway security by ensuring that traffic allowed by the policy rules is further inspected for threats, exploits, back-door programs, and other attacks as they pass through the device.
Location: Policies > SECURITY PROFILES > Security Profiles > IPS

Procedure

  1. Optionally enable the security profile.
  2. Select the action.
    • Block
    • Monitor (default).
  3. Optionally enable advanced settings.
    The IPS Rules pane expands. By default, all rules are displayed and all rules are selected.
  4. Optional: If you enabled advanced settings, perform the desired action in the IP Rules pane:
    policies-ips-rules-f.png
    • Search for a sub-set of IPS rules.
    • Select or unselect individual IPS rules to apply to traffic for this security profile. Deselected rules do not affect traffic.
    • Click on Only show selected to display only the selected rules.
    • Move from page to page by using the page selector on the bottom right-side of the IP Rules pane.
    • Click on a IPS rule name to open the IPS Rule Information screen where you can view details about that rule.
    • Click on Rule Filter to specify IPS filtering criteria.
  5. Optional: If you enabled advanced settings, click on Rule Filter if you want to specify IPS filtering criteria.
    1. Select the minimum IPS severity level.
      See IPS Severity Levels.
    2. Select the date that the IPS rule was released.
    3. Select affected operating systems.
    4. Select the traffic categories.
      See IPS Monitor/Block Categories.
    5. Perform the desired action:
      • Click on Filter to set the filter.
        The IPS rules list contains the chosen subset of rules that are applied to traffic for this security profile.
      • Click on Reset and then Filter if you want to filter traffic using the full default IPS rules list.
  6. Click Save.