Table of Contents
Advertisement
Adding or editing user-defined protection policies
Cloning existing protection policies
Cloning existing protection policies
■
Enabling or disabling logging rules
■
Enabling or disabling blocking rules
■
Overriding blocking rules globally
■
Deleting user-defined protection policies
■
The Network Security console provides a way to add and edit user-defined
protection policies. Symantec protection policies cannot be modified. If you
want to modify a Symantec protection policy, clone it and modify the clone.
To add or edit user-defined protection policies
1
In the Policies tab, do one of the following:
Click New.
■
Select an existing protection policy, and click Clone > Edit.
■
2
In Policy Name, enter a unique name to distinguish this policy.
3
You have the option of doing any or all of the following:
In Search Events, you can change the search parameters to display a
■
more manageable subset of event types to apply rules.
See
"Searching to create a subset of event types"
In Search Results, you can adjust the view.
■
See
"Adjusting the view by columns"
4
In Search Results, define the policy by doing any or all of the following:
For software and appliance nodes, select event types to apply logging
■
rules to direct the monitoring of events.
See
"Enabling or disabling logging rules"
For 7100 Series appliance nodes, select event types to apply blocking
■
rules. Software nodes do not currently support blocking rules.
See
"Enabling or disabling blocking rules"
5
In Search Events, click OK to exit.
6
In the Protection Policies tab, click Apply to save and apply changes.
Because Symantec protection policies cannot be edited, if you want to modify a
Symantec protection policy, you must clone it and modify the clone.
Protection policies
Defining new protection policies
on page 117.
on page 119.
on page 122.
on page 123.
121
Advertisement
Table of Contents
