234
Managing intrusion prevention
Creating exceptions for IPS signatures
Creating exceptions for IPS signatures
Enabling or disabling network intrusion prevention or browser intrusion prevention
1
In the console, open an Intrusion Prevention policy.
2
On the Intrusion Prevention Policy page, click Settings.
3
Check or uncheck the following options:
Enable Network Intrusion Prevention
Enable Browser Intrusion Prevention
4
Click OK.
You can create exceptions to perform the following actions:
Change the default behavior of IPS network signatures
Specify browser signatures that client computers should ignore
You can change the action that the client takes when the IPS recognizes a network
signature. You can also change whether the client logs the event in the Security
log.
You cannot change the behavior of Symantec browser signatures; unlike network
signatures, browser signatures do not allow custom action and logging settings.
However, you can create an exception for a browser signature so that clients
ignore the signature.
Note: When you add a browser signature exception, Symantec Endpoint Protection
Manager includes the signature in the exceptions list and automatically sets the
action to Allow and the log setting to Do Not Block. You cannot customize the
action or the log setting.
See
Managing intrusion prevention on your client computers"
Note: To change the behavior of a custom IPS signature that you create or import,
you edit the signature directly.
To change the behavior of Symantec IPS network signatures
1
In the console, open an Intrusion Prevention policy.
2
On the Intrusion Prevention Policy page, click Exceptions, and then click
Add.
on page 229.