14 ips, Ips overview, Configuring ips – H3C Technologies H3C SecBlade IPS Cards User Manual
Page 114: Configuration task list
14-1
14
IPS
IPS Overview
Intrusion Prevention System (IPS) runs on network trunks. You can configure IPS policies to implement
real-time analysis, traffic detection, and execute predefined actions to the abnormal traffics, for example,
blocking, isolating or interfering these abnormal traffics to prevent suspicious code from being injected
into target hosts and executed.
Configuring IPS
Configuration Task List
Perform the tasks in
to configure IPS policies. The IPS module also provides a shortcut for
IPS policy application, facilitating user operations. For more information, see
.
Table 14-1 IPS configuration task list
Task
Remarks
Optional
Create an IPS policy and copy the rules of an existing policy to the new policy.
By default, there is an IPS policy named Attack Policy, which can be modified,
copied and applied, but cannot be deleted.
Configuring
Default
Rules for the
Policy
Configuring
Rules for the
Policy
Configuring
User Defined
Rules for the
Policy
Optional
Modify the default rules—copied rules—in an IPS policy, or add user defined
rules for the policy.
z
By default, the default IPS policy Attack Policy has default rules, which
cannot be modified or deleted. The contents depend on the interface.
z
By default, an IPS policy has no user defined rules.
Applying an IPS Policy to a
Segment
Required
Apply the policy to a segment or certain IP addresses on the segment.
Before this step, you need to configure the segments in the page you enter by
selecting System Management > Network Management > Segment
Configuration. For details, refer to Network Management Configuration.