SonicOS 7.1 Objects
- SonicOS 7.1 Action Objects
- About SonicOS
- Match Objects
- Zones
- How Zones Work
- Default Zones
- Security Types
- Allow Interface Trust
- Effect of Wireless Controller Modes
- Zones Overview
- The Zones Page
- Adding a New Zone
- Adding a New Zone in Policy Mode
- Adding a New Zone in Classic Mode
- Configuring a Zone for Guest Access
- Configuring a Zone for Open Authentication and Social Login
- Configuring the WLAN Zone
- Configuring the RADIUS Server
- Configuring DPI-SSL Granular Control per Zone
- Enabling Automatic Redirection to the User-Policy Page
- Cloning a Zone
- Editing a Zone
- Deleting Custom Zones
- Addresses
- Addresses Page
- About UUIDs for Address Objects and Groups
- Working with Dynamic Address Objects
- Services
- URI Lists
- Schedules
- Dynamic Group
- Email Addresses
- Match Objects
- Countries
- Applications
- Web Categories
- Websites
- Match Patterns
- Custom Match
- Profile Objects
- Endpoint Security
- Bandwidth
- QoS Marking
- Content Filter
- DHCP Option
- DNS Filtering
- Block Page
- Anti-Spyware
- Gateway Anti-Virus
- Log and Alerts
- Intrusion Prevention
- AWS
- Action Profiles
- Security Action Profile
- DoS Action Profile
- Action Objects
- App Rule Actions
- Content Filter Actions
- Object viewer
- SonicWall Support
Intrusion Prevention
An Intrusion Prevention System (IPS) is a threat detection method to detect and prevent identified threats. IPS continuously monitors the network to identify the possible malicious incidents and captures information about the identified incidents. The IPS takes preventative action to prevent future attacks.
In this section, you can create Intrusion Prevention Action Profile to be used along with the Intrusion Prevention profiles created on OBJECT | Profile Objects > Intrusion Prevention > Intrusion Prevention Profiles page.
To configure a custom Intrusion Prevention Action Profile
- Navigate to OBJECT | Action Profiles > Security Action Profile.
-
Do one of the following:
-
Add a new Security Action Profile.
- Click the Add icon.
- Enter an Action Profile Name.
-
Edit an existing Security Action Profile.
Hover over an existing Security Action Profile and click the Edit icon.
-
-
Click the Intrusion Prevention tab.
- Enable Intrusion Prevention to enable the SonicWall Threat Prevention Service (IPS).
-
Select the Threat Profile to be used to build an action profile.
Global Settings To apply the rules defined by SonicOS. Go to step 7 if you select Global Settings.
Profile Settings To customize the rules for a specific requirement. Skip step 7 if you select Profile Settings.
-
Select the profile to be applied to Prevent and Log from the respective drop-down menus. These options are not available if you set the Intrusion Prevention Profile as Global Settings.
Prevent To restrict the transfer of files with specific attributes. Enabling Prevent restricts data file transfers for each protocol, except the TCP Stream. Log To keep a record of your SonicWallIntrusion Prevention traffic. You can select the default or custom Profiles created on OBJECT | Profile Objects > Intrusion Prevention > Intrusion Prevention Profiles page. For more information, refer to Adding Intrusion Prevention Profiles.
- Set the Redundancy Filter value in seconds for how long to use these filters.
-
Select the Low, Medium, and High Priority/Risk options based on your needs to Prevent, Log, and for how long to use the Redundancy Filters.
Low, Medium, and High Priority/Risk options are not available if you select Profile Settings because your Intrusion Prevention Profile addresses those capabilities.
- Click Save.
Was This Article Helpful?
Help us to improve our support portal