Configuring IDPS

You configure the intrusion detection and prevention system at the security-policy intrusion-prevention level.

Admin@nodename# set security-policy intrusion-prevention <parameter>

Available parameters:

| Parameter | Description |
| --- | --- |
| mode | Enables or disables smart scan mode, in which only the first bytes of each session are scanned. Values: on, off. |
| limit | Number of kilobytes at the start of each session that the IPS system will scan. Available values: from 50 to 200 kB. |

To view the current state, use the following command:

Admin@nodename# show security-policy intrusion-prevention

By default, smart scan mode is enabled and checks the first 200 kB of each session.

IDPS profiles are created in the item library and added to the firewall rules to activate the IDPS system.