Configuring Exempt Rulebase Rules (NSM Procedure)
The Exempt rulebase enhances manageability of the IDP solution by enabling you to categorically exempt from IDP rulebase processing the traffic segments you know to be safe.
Figure 1 shows the Exempt rulebase in the NSM security policy editor, where you can modify Exempt rules. Table 1 describes the rule settings you can configure.
Figure 1: NSM Security Policy Editor: Exempt Rulebase

To create Exempt rulebase rules:
- In the NSM navigation tree, select Policy Manager > Security Policies.
- Select the security policy to which you want to add Exempt rulebase rules.
- Add the Exempt rulebase by clicking the + icon in the upper right region of the policy viewer and selecting Add Exempt Rulebase.
- Add a rule by clicking the + icon within the rules viewer.
- Modify rule settings by right-clicking the table cell for the setting and making your selection.
- Click OK to save your changes.
Table 1: Exempt Rulebase Rule Properties
| Setting | Function |
|---|---|
| No. | Adds, deletes, copies, or reorders rules. Right-click the table cell for the rule number and make your selection. |
| Match | Sets source, destination, and service matches. |
| Look For | Sets attack matches. |
| VLAN Tag | Sets VLAN tag matches. |
| Install On | Specifies target IDP devices for the rule. By default, IDP security policy rules can be applied to any IDP device. Right-click the table cell and select Select Target to display a dialog box where you can specify the IDP devices to which the rule can be installed. |
| Comments | Adds notations about the rule. This setting is optional. Right-click the table cell and select Edit Comments to display a dialog box where you can make notations about the rule. Comments do not affect the functionality of the security policy rule. |

