IPS policies

With IPS policies, you can prevent network attacks using rules.

The firewall enforces the actions specified in the rules and logs the corresponding events. The set of default policies prevents network attacks for several common types of traffic. You can create custom policies with rules that meet your traffic requirements.

  • To add a policy, click Add and type a name. Then, you can clone the rules from an existing policy.
  • To add rules to a policy, click Edit for the policy you want to edit, and then click Add.

IPS policy rules

Rules specify signatures and an action. The firewall matches signatures with traffic patterns and takes the action specified in the rule. The action specified for the rule overrides the action recommended by the signature.

IPS signatures

Signatures identify threats and specify a recommended action to take when the firewall encounters matching traffic. Signatures are specific to applications, services, or platforms. The firewall includes predefined signatures and you also can create custom signatures.

SID
ID of the IPS signature.
Category
Category of IPS signature.
Severity
Degree of threat severity.
Platform
Signatures that apply to specific platforms (for example, Microsoft Windows).
Target
Client or server-based signatures.
Recommended action
Action recommended by the firewall when traffic matches the signature.