IPS Settings
Navigate to Threats > Intelligence Database > IPS Settings to upload and manage IPS rule sets.
All rules from all enabled IPS rule sets are loaded and evaluated. If two rule sets contain rules with an identical ID (sid keyword), the rule with the higher revision number (rev keyword) takes precedence.
The table displays the default rule set and the custom rule sets with their names and optional notes. With the slider switch in the first column you can enable (
) or disable (
) an IPS rule set.
Note
If you want to turn the IPS off, disable all IPS rule sets in this table.
The icons in the last table column allow you to download or delete an IPS rule set.
Note
The default rule set System IPS Rules.csv cannot be deleted.
Click Upload above the overview table to access the file system where you can select the IPS rule set file (.rules, .csv or .txt format).
IPS Rule Set Upload
When you upload an IPS rule set file, the upload screen is displayed with the following elements:
Field |
Description |
|---|---|
|
The slider switch indicates whether the IPS rule set is enabled or not. |
SELECT |
Access the file system where you can select the IPS rule set file ( |
Note |
Optional: Add a short description of the IPS rule set. |
To use the IPS rule set file, click the UPLOAD button at the bottom of the screen. If you do not want to upload the file, click CANCEL.
Additional References:
For information on the keywords used in IPS signatures, refer to IPS Rule Definitions.