Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Edit, Clone, and Delete an IPS Rule or an Exempt Rule

Edit an IPS Rule or an Exempt Rule

You can edit IPS rules and exempt rules associated only with customized IPS profiles, and not the rules associated with predefined (system-generated) profiles.

To edit an IPS or an exempt rule:

  1. Select SRX > Security Subscriptions > IPS > IPS Profiles.

    The IPS Profiles page opens.

  2. Click IPS-Profile-Name.

    The IPS-Profile-Name page opens.

  3. Click either the IPS RULES or the EXEMPT RULES tab, then select the IPS rule.
  4. Click edit (pencil) icon.

    The rule selected for editing is displayed inline at the top of the page.

  5. Modify the rule. See Create an IPS or an Exempt Rule.
    Note:

    You cannot modify the IPS rule or the exempt rule name.

  6. Click the check mark () to save your changes.

    The changes are saved and a confirmation message is displayed at the top of the page.

    If the IPS or exempt rule belongs to an IPS profile that is referenced in a firewall policy intent, then the firewall policy is marked for deployment. You must deploy the firewall policy for the changes to take effect on the device.

Clone an IPS Rule or an Exempt Rule

Cloning enables you to easily create an IPS or exempt rule based on an existing one. You can clone IPS and exempt rules associated only with customized IPS profiles, and not rules associated with predefined (system-generated) profiles.

To clone an IPS or an exempt rule:

  1. Select SRX > Security Subscriptions > IPS > IPS Profiles.

    The IPS Profiles page opens.

  2. Click IPS-Profile-Name.

    The IPS-Profile-Name page opens.

  3. Select a rule, and select More > Clone.

    The rule selected for cloning is displayed inline at the top of the page.

  4. Modify the rule. See Create an IPS or an Exempt Rule.
  5. Click the check mark () to save your changes.

    The new rule is created and a confirmation message is displayed at the top of the page.

Delete IPS Rules or Exempt Rules

You can delete IPS rules and exempt rules associated only with customized IPS profiles, and not the rules associated with predefined (system-generated) profiles.

To delete IPS rules or exempt rules:

  1. Select SRX > Security Subscriptions > IPS > IPS Profiles.

    The IPS Profiles page opens.

  2. Click IPS-Profile-Name.

    The IPS-Profile-Name page opens.

  3. Select one or more rules, and click the delete (trash can) icon.

    A warning message asking you to confirm the deletion is displayed.

  4. Click Yes.

    A message indicating the status of the delete operation is displayed at the top of the page.

    If the deleted IPS rule or exempt rule belongs to an IPS profile that is referenced in a firewall policy intent, then the firewall policy is marked for deployment. You must deploy the firewall policy for the changes to take effect on the device.