You configure the intrusion detection and prevention system at the security-policy intrusion-prevention level.
Admin@nodename# set security-policy intrusion-prevention <parameter>
Parameter |
Description |
---|---|
mode |
Enabling/disabling of the smart scan mode (in the smart scan mode only the first bytes of each session are scanned):
|
limit |
Number of the first kilobytes of each session that the IPS system will scan. Available values: from 50 to 200kB. |
To view the current state, use the following command:
Admin@nodename# show security-policy intrusion-prevention
By default, Smart scan is enabled. It checks the first 200kB of each session.
IDPS profiles are created in the item library and added to the firewall rules to activate the IDPS system.