Follow

Why aren't most of Intrusion Prevention's rules blocked by default?

Because many rules can block non-malicious traffic in addition to malicious exploits we don't turn them all on by default. To make things easy for you, we've evaluated each rule and determined the appropriate default settings for each rule using the following criteria:

  • If the rule is always known to block malicious exploits, Intrusion Prevention blocks and logs this rule by default.
  • If the rule is sometimes known to block malicious exploits, Intrusion Prevention logs this rule by default.
  • If the rule is never known to block malicious exploits, Intrusion Prevention neither blocks nor logs this rule by default.

You're free to change the action of all rules as you see fit for your network.

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk