Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Modifying IDP Rulebase Rules (NSM Procedure)

    This procedure assumes you have used the New Policy wizard to create a basic policy that you can modify.

    The primary IDP security policy rulebase is the IDP rulebase. The IDP rulebase enables the IDP engine to inspect matching traffic for attack signatures and protocol anomalies.

    Figure 1 shows the IDP rulebase in the NSM security policy editor, where you can modify IDP rulebase rules. Table 1 lists the rule properties you can modify and provides references to documentation for these properties.

    Figure 1: NSM Security Policy Editor: IDP Rulebase

    Image s036702.gif

    To modify an IDP rulebase rule property:

    1. In the NSM navigation tree, select Policy Manager > Security Policies.
    2. Double-click the security policy you want to edit.
    3. In the security policy editor, click the IDP tab to display the IDP rulebase table.
    4. Add, delete, copy, or reorder rules by right-clicking the table cell for the rule number (No. column) and making your selection.
    5. Modify rule settings by right-clicking the table cell for the setting and making your selection.
    6. Click OK to save your changes.

    Note: If not all of the columns you want to configure appear in the Security Policy editor, use NSM display features to show the hidden columns. For details, see the NSM online Help.

    Published: 2011-02-08