Filter
Top Products
41
McAfee
®
Host Intrusion Prevention 6.1 Product Guide IPS Policies
Configuring the IPS Rules policy
4
Configuring the IPS Rules policy
Unlike most policy categories, the IPS Rules policy can have several policy profiles
assigned. This expanded use of policies allows you to create several policies that profile
a client’s usage, location, or type of system on which it is installed to more easily apply
intrusion prevention safeguards. For example, for an IIS Server you might apply a
general default policy, a server policy, and an IIS policy, the latter two configured to
specifically target systems runnings as IIS servers. In addition to applying existing
policies, you can also easily create new ones if the available policies do not meet your
safeguard needs.
To assign IPS Rules policies:
1 Expand the
IPS feature, and click Edit on the IPS Rules policy name line.
2 To apply an existing policy, select it in the policy list. Click the policy name to view
details of the policy.
3 Click
Apply.
4 To add another policy instance, click
Assign Additional Policy at the top of the IPS Rules
section.
A new policy row appears.
5 Repeat steps 1 to 3.
To create a new IPS Rules policy:
1 Do one of the following:
Click Edit in an IPS Rules policy name row.
Click Assign additional policy at the top of the IPS Rules listing.
2 Select
New Policy in the policy list
3 In the Create New Policy dialog box, select the policy to duplicate, type the name of
the new policy, and then click
OK.
4 In the
IPS Rules tab edit, as appropriate:
Exceptions (See Exception Rules on page 42.)
Signatures (See Signatures on page 46.)
Application Protection Rules (See Signatures on page 46.)
5 Click
Close to close the IPS Rules policy dialog box.
6 Click Apply in the IPS Rules policy name row.
Note
Policies can be deleted only in the ePolicy Orchestrator Policy Catalog page and only by
global administrators.