Configure a Default IDP Policy
If multiple IPS policies are configured for a session and when policy conflict occurs, the device applies the default IPS policy for that session and thus resolves any policy conflicts.
If a device has multiple IPS policies attached to standard or unified firewall policy rules, then you must configure a default IPS policy. If a device has more than one IPS policies, but is not attached to any standard or unified firewall policy, then a default IPS policy is not mandatory.
Create a Default IDP Policy
To create a default IDP policy:
- Select Configure > Firewall Policy > <Standard/Unified> Policies.
The policies page is displayed.
- Click Global Options.
The Global Options page is displayed.
- Click the IDP Default tab.
- Click the + icon to create a default IDP policy.
The Create IDP Default page is displayed.
- Configure the parameters according to the guidelines in Table 1.
- Click OK.
The default IDP policy for the selected device (s) is created.
Table 1: Create IDP Default
Fields | Description |
---|---|
IDP Profile | Select an IPS policy, which you want to set as default. |
Description | Enter a description for the default IDP policy. |
Device Selection | Select the devices on which the default IDP policy is applied. |
Edit a Default IDP Policy
To edit a default IDP profile:
- Select Configure > Firewall Policy > <Standard/Unified> Policies.
The policies page is displayed.
- Click Global Options.
The Global Options page is displayed.
- Click the IDP Default tab.
- Select a default IDP policy, right-click and select Edit or click the pencil icon.
- Edit the fields and click OK.
Delete a Default IDP Policy
To delete a default IDP policy:
- Select Configure > Firewall Policy > <Standard/Unified> policies.
The policies page is displayed.
- Click Global Options.
The Global Options page is displayed.
- Select the IDP policy and click Delete. Delete
option is also available when you right-click an IDP policy.
The pop up with a confirmation message is displayed.
- Click Yes to delete the default IDP policy.