• SonicOS 7.1
• About SonicOS
  • Working with SonicOS
  • SonicOS Workflow
  • How to Use the SonicOS Administration Guides
  • Guide Conventions
• Summary
  • Synchronize Licenses
  • Security Services Settings
  • Signature Downloads Through a Proxy Server
  • Security Services Information
• Configuring Content Filter
  • SonicWall CFS
    • CFS Status
    • Global Settings
    • CFS Exclusion
  • CFS Custom Category
  • Websense Enterprise
    • Websense Server Status
    • General Settings
    • Block Web Features
    • CFS Exclusion
    • Blocking Page
• Managing the SonicWall Gateway Anti-Virus Service
  • SonicWall GAV Multi-Layered Approach
    • Remote Site Protection
    • Internal Network Protection
    • HTTP File Downloads
    • Server Protection
    • Cloud Anti-Virus Database
  • SonicWall GAV Architecture
  • Activating the Gateway Anti-Virus, Anti-Spyware, and Intrusion Prevention License
  • Setting Up SonicWall Gateway Anti-Virus Protection
    • Viewing SonicWall Gateway Anti-Virus Status Information
      • Checking the SonicWall Gateway Anti-Virus Signature Database Status
      • Updating SonicWall Gateway Anti-Virus Signatures
    • Enabling SonicWall Gateway Anti-Virus
    • Applying SonicWall Gateway Anti-Virus Protection on Zones
    • Specifying Protocol Filtering
      • Enabling Inbound Inspection
      • Enabling Outbound Inspection
      • Restricting File Transfers
        • FTP Settings
        • Exclusion Settings
      • Resetting Gateway Anti-Virus Settings
    • Configuring Gateway Anti-Virus Settings
      • Configuring Gateway Anti-Virus Settings
      • Configuring HTTP Clientless Notification
      • Configuring a SonicWall GAV Exclusion List
    • Configuring Cloud Gateway Anti-Virus
  • Viewing SonicWall Gateway Anti-Virus Signatures
    • Displaying Signatures
    • Navigating the Gateway Anti-Virus Signatures Table
    • Searching the Gateway Anti-Virus Signature Database
• Anti-Spyware Service
  • Anti-Spyware Status
  • Anti-Spyware Global Settings
  • Signature Groups
  • Protocols
  • Anti-Spyware Signatures
• Intrusion Prevention Service
  • About Intrusion Prevention Service
  • Enabling Intrusion Prevention Services
  • IPS Status
  • IPS Global Settings
  • Intrusion Prevention Service Policies
• Configuring Geo-IP Filters
  • Configuring Geo-IP Filtering
  • Creating Custom Country Lists
  • Customizing Web Block Page Settings
  • Using Geo-IP Filter Diagnostics
    • Geo-IP Cache Statistics
    • Custom Countries Statistics
    • Show Resolved Locations
    • Check GEO Location Server Lookup
    • Incorrectly Marked Address
• Configuring Botnet Filters
  • Configuring Botnet Filtering
  • Creating Custom Botnet Lists
    • Creating a Custom Botnet List
    • Editing Custom Botnet List Entries
  • Configuring Dynamic HTTP Authentication
  • Customizing Web Block Page Settings
  • Using Botnet Filter Diagnostics
    • Botnet Cache Statistics
    • Botnets Statistics
    • Show Resolved Botnet Locations
    • Check Botnet Server Lookup
    • Incorrectly Marked Address
  • Displaying the Status of the Botnet Feature and Database
• Configuring App Control
  • About App Control Policy Creation
  • Viewing App Control Status
  • Enabling App Control
    • Enabling App Control Globally
    • Enabling App Control on Zones
    • Configuring Logging and Log Filter Interval
    • Enabling App Control Filename Logging
  • Configuring App Control Global Settings
    • About App Control Global Settings
  • Configuring App Control Advanced Settings
    • Configuring App Control Advanced by Category
    • Configuring App Control Advanced by Application
    • Configuring App Control Advanced by Signature
    • Viewing Signatures
      • Viewing by All Categories and All Applications by Applications
      • Viewing by All Categories and All Applications by Signatures
      • Viewing by All Categories and All Applications by Category
      • Viewing Just One Category
      • Viewing Just One Application
      • Displaying Details of Signature Applications
      • Displaying Details of Application Signatures
• SonicWall Support
  • About This Document

Intrusion Prevention Service Policies

This section allows the administrator to configure settings for individual attacks.

1. Locate the type of attack that you would like to view. To sort by category, select a category from the Categories list. To sort by priority, select a priority level from the Priority list.
2. After locating a type of attack to configure, click Config/Edit on its row. A dialog box appears where you can give specific information about the IPS Signature Settings for the selected attack. The top part of the dialog box is populated with the information from the selected Signature row.

3. Configure the fields in the dialog box for each type of attack you need to edit:

   • Prevention - Select whether attack prevention for this type of attack is enabled, disabled, or uses the default global settings for the attack category from the list.
   • Detection - Select whether attack detection for this type of attack is enabled, disabled, or uses the default global settings for the attack category from the list.
   • Included Users/Groups - Select which users or groups to include for this attack type from the list.
   • Excluded Users/Groups - Select which users or groups to exclude for this attack type from the list.
   • Included IP Address Range - Select an IP address range to include for this attack type from the list.
   • Excluded IP Address Range - Select an IP address range to exclude for this attack type in the list box.
   • Schedule - Select a time range to enforce attack protection on this attack type the list.
   • Log Redundancy Filter (seconds) - Enter a time span (in seconds) to set the filter or select Use Category Settings.
4. Save - This selection returns you to the Intrusion Prevention page. Your changes have been applied.
5. Cancel - This selection discards your changes.