Network Intrusion Prevention - Policy Recommendations
Assess and prioritize your network vulnerabilities, and quickly deploy virtual patch filters for your most at-risk CVE detections.
Policy recommendations speed up your response to the most critical CVE threats affecting your network through the deployment of available TippingPoint SMS virtual patch filters. You receive a customized display of the most critical CVEs currently affecting your network and the virtual patching filter status across your profiles.
To receive vulnerability assessment and prioritization recommendations, and view or take immediate action on your top vulnerability threats through use of virtual patching filter policies, set up the following:
Policy recommendations are only available for the TippingPoint SMS console that has been connected to Trend Vision One the longest. Multiple console support is not yet available.
The following table outlines the options available on the Policy Recommendations tab (Network Security Operations > Network Intrusion Prevention > Policy Recommendations (tab)).
|
Option |
Description |
|---|---|
|
Vulnerability Overview |
Displays the current vulnerability status for your most at-risk unique CVEs that have corresponding TippingPoint filters available for virtual patching |
|
Prioritized CVE threat list |
Displays a prioritized list of CVEs and the filters available that you can enable and deploy to profiles to virtually patch existing threats
|
|
Policy deployment status |
Displays the current progress of your policy deployment operations |
).- Deploying Virtual Patch Filter Policies to TippingPoint SMS
Mitigate your CVE risks directly from the Network Intrusion Prevention app by setting and deploying filter policies on TippingPoint SMS profiles. - CVE Profile Assessment
View important information regarding specific CVEs detected in your environment and any associated prevention and detection rules available from your integrated products.
