Creating an Intrusion Prevention Policy
-
Go to the Policy tab under Profiles:
- Log into your Ray Cloud Controller
- Home Page > Profiles > Policy
-
Select Intrusion Prevention Policy:
- Give the policy a name according to your requirements and select Intrusion Prevention Policy from the drop down menu.
- Give the policy a name according to your requirements and select Intrusion Prevention Policy from the drop down menu.
-
Set the Requirements:
- Select the Traffic Rule:
- Select Alert if you want to generate an alert if there was an attack.
- Select Drop if you do not want any alerts whether there was an attack it will block all unwanted traffics and attacks.
- Note: In IDP/IPS each packet is assessed for threats, thus it takes more time to process, which leads to slower Internet speed. The speed of the internet goes down by approximately 40%.
- Set Bypass:
- Enter any domain name you want the policy to bypass.
- IF you have made any Application Filtering Policy and if you want them to bypass the rules, add them here. The policies will appear in the drop down menu.
- IF you have made any Custom Application Filtering Policy and if you want them to bypass the rules, add them here. The policies will appear in the drop down menu.
- Select the Traffic Rule:
-
Save the Policy
- Once you have defined the rules, click Save.
- Once you have defined the rules, click Save.