Configuring the IPS Rules policy

Unlike most policy categories, the IPS Rules policy can have several policy profiles assigned. This expanded use of policies allows you to create several policies that profile an agent’s usage, location, or type of system on which it is installed to more easily apply intrusion prevention safeguards. For example, for an IIS Server you might apply a general default policy, a server policy, and an IIS policy, the latter two configured to specifically target systems runnings as IIS servers. In addition to applying existing policies, you can also easily create new ones if the available policies do not meet your safeguard needs.

To assign IPS Rules policies:

  1. Expand the IPS feature, and click Edit on the IPS Rules policy name line.
  2. To apply an existing policy, select it in the policy list. Click the policy name to view details of the policy.
  3. Click Apply.
  4. To add another policy instance, click Assign Additional Policy at the top of the IPS Rules section.
  5. A new policy row appears.

  6. Repeat steps 1 to 3.

To create a new IPS Rules policy:

  1. Do one of the following:
    • Click Edit in an IPS Rules policy name row.
    • Click Assign additional policy at the top of the IPS Rules listing.
  2. Select New Policy in the policy list
  3. In the Create New Policy dialog box, select the policy to duplicate, type the name of the new policy, and then click OK.
  4. In the IPS Rules tab edit, as appropriate:
  5. Click Close to close the IPS Rules policy dialog box.
  6. Click Apply in the IPS Rules policy name row.
  7.  

    Policies can be deleted only in the ePolicy Orchestrator Policy Catalog page and only by global administrators.

Copyright © 2006 McAfee, Inc. All Rights Reserved.