Understanding IPS Policy Templates
Juniper Networks provides predefined policy templates that you can use as a starting point for creating your own policies. Each policy template contains rules that use the default actions associated with the attack objects. You can customize these templates to work on your network by selecting your own source and destination addresses and choosing intrusion prevention system (IPS) actions that reflect your security needs. You can modify the template either by using the Advance option in the IPS Policy page or cloning the template.
IPS policies are collections of rules and rulebases. An IPS policy supports two types of rulebases—IPS rulebase and exempt rulebase. A rulebase is an ordered set of rules that use a specific detection method to identify and prevent attacks. When a rule is matched, it means that an attack has been detected in the network traffic, triggering the action for that rule. The IPS system performs the specified action and protects your network from that attack. Each rulebase can have multiple rules—you determine the sequence in which rules are applied to network traffic by placing them in the desired order. Each rulebase in the IPS system uses specific detection methods to identify and prevent attacks. For more information on the IPS policy rulebases, see Understanding IPS Policies.