Table of Contents
Advertisement
Intrusion Prevention System
Configuring the IPS Policy
Configuring the IPS Policy
STEP 1
STEP 2
STEP 3
Cisco SA500 Series Security Appliances Administration Guide
-
Click Reset to revert to the previous settings.
•
Manual Signature Updates: To manually update the latest signature file,
click the Cisco.com link to obtain the file and download it to your computer.
Browse to the location of the signature file on the local PC and then click
Upload.
You can configure the IPS Policy settings to protect the network against threats
such as Denial-of-Service attacks, malware, and backdoor exploits.
Click IPS > IPS Policy, or from the Getting Started (Advanced) page, under
Intrusion Prevention System, click Configure and Enable IPS Policies.
Choose the policy for each category or for each signature within each category.
•
To select a policy for an IPS category, click an option in the category heading
row.
•
To expand the signatures under a category, click the + button next to the
category heading. To hide the signatures, click the - button.
•
To select a policy for an individual signature, click an option in the entry row
for that signature.
Options:
•
Disabled: Choose this option to disable checking for this category.
•
Detect Only: Choose this option to check for attacks on this category and
to log a message upon detection.This option is mostly used for
troubleshooting purposes.
•
Detect and Prevent: Choose this option to check for and prevent attacks on
this category. Upon detection, a message is logged and a preventative
action is taken.
For IPS messages to be logged, you must configure IPS as the facility. For
more information, see
Click Apply to save your settings.
Logs Facility and Severity, page
5
189.
132
Hide quick links:
Advertisement
Table of Contents
