Add an IDP Policy

You are here: Security Services > IPS > Policy.

To add an IDP policy:

  1. Click the add icon (+) on the upper right side of the Policy page.

    The Add IDP Policy page appears.

  2. Complete the configuration according to the guidelines provided in Table 1.
  3. Click OK to save the changes. If you want to discard your changes, click Cancel.
Table 1: Fields on the Add IDP Policy Page

Field

Action

Policy Name

Enter the name of the IPS policy.

IPS Rule

Specifies the IPS rule created.

Select an option from the list:

  • Add—Adds a new IPS rule.

  • Edit—Edits the selected IPS rule.

  • Delete—Deletes the selected record.

  • Move—Organizes rows. Select Move up, Move down, Move to top, or Move to down.

Basic

Policy Name

Displays the name of the IDP policy.

Rule Name

Enter a rule name.

Rule Description

Enter the description for the rule.

Action

Select a rule action from the list to specify the action for IDP to take when the monitored traffic matches the attack objects specified in the rules.

Application

Specifies the list of one or multiple configured applications.

Select the applications to be matched.

Attack Type

Specifies the attack type that you do not want the device to match in the monitored network traffic. The options available are:

  • Predefined Attacks

  • Predefined Attack Groups

Select an option from the list and click the right arrow to match an attack object or attack group to the rule.

Category

Select a category from the list to specify the category used for scrutinizing rules of sets.

Severity

Select a severity level from the list to specify the rule severity levels in logging to support better organization and presentation of log records on the log server.

Direction

Select a direction level from the list to specify the direction of network traffic you want the device to monitor for attacks.

Search

Enables you to search for specific data in the list.

Advanced
Note:

This tab is not available for Rulebase exempt.

IP Action

Specifies the action that IDP takes against future connections that use the same IP address.

Select an IP action from the list.

IP Target

Select an IP target from the list.

Timeout

Specifies the number of seconds the IP action should remain effective before new sessions are initiated within that specified timeout value.

Enter the timeout value, in seconds. The maximum value is 65,535 seconds.

Log IP Action

Select the check box to specify whether or not logging of attacks is enabled to create a log record that appears in the log viewer.

Enable Attack Logging

Select the check box to specify whether or not the attack logging alert is enabled.

Set Alert Flag

Select the check box to specify whether or not an alert flag is set.

Severity

Select an option from the list to specify the rule severity level.

Terminal

Select the check box to specify whether or not the terminal rule flag is set.

Match

From Zone

Select the match criteria for the source zone for each rule.

To Zone

Select the match criteria for the destination zone for each rule.

Source Address

Select the zone exceptions for the from-zone and source address for each rule. The options available are:

  • Match—Matches the from-zone and source address/address sets to the rule.

  • Except—Enables the exception criteria.

Destination Address

Select the zone exceptions for the to-zone and destination address for each rule. The options available are:

  • Match—Matches the to-zone and destination address/address sets to the rule.

  • Except—Enables the exception criteria.
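
The fields in Table 1 expressed as Junos CLI set commands, as an added example that is not part of the original page. EXAMPLE-POLICY, EXAMPLE-RULE, EXAMPLE-ATTACK-GROUP, the zone names and the chosen values are placeholders, and the mapping from each J-Web field to a statement is an assumption.

```junos
# Basic tab: Policy Name, Rule Name, Rule Description (names are placeholders)
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE description "Example rule"

# Match tab: From Zone and To Zone (zone names are placeholders)
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE match from-zone untrust
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE match to-zone trust

# Match tab: Source Address and Destination Address with the Match option.
# The Except option corresponds to source-except / destination-except.
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE match source-address any
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE match destination-address any

# Basic tab: Application and Attack Type (Predefined Attack Groups)
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE match application default
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE match attacks predefined-attack-groups "EXAMPLE-ATTACK-GROUP"

# Basic tab: Action taken when traffic matches the attack objects
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE then action drop-connection

# Advanced tab: IP Action, IP Target, Timeout (seconds), Log IP Action
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE then ip-action ip-block
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE then ip-action target source-address
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE then ip-action timeout 300
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE then ip-action log

# Advanced tab: Enable Attack Logging with Set Alert Flag, Severity, Terminal
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE then notification log-attacks alert
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE then severity critical
set security idp idp-policy EXAMPLE-POLICY rulebase-ips rule EXAMPLE-RULE terminal
```

After saving a policy in J-Web, `show security idp idp-policy EXAMPLE-POLICY` in configuration mode lets you compare the resulting statements against what you intended to select in each tab.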