Chapter 3 IPS Filtering

installed on your network. From the LSM, you can modify the filter configuration for a Security Profile by category or by changing individual filter settings. You can make the following types of changes:

Edit a Filter Category Group to enable/disable all filters in the group or change the assigned action for all filters in the group.

Edit an individual filter or group of filters to modify the following settings: State, Action, Adaptive Filter Configuration State, Exceptions.

When you edit a filter, the changes only affect the Security Profile in which you make the edits. This allows you to have different filter configurations for different Security Zones.

For details on editing filters, see the following topics:

“Edit Category Settings for a Filter Group” on page 30

“Edit Individual Filter Settings” on page 32

“Edit a Port Scan/Host Sweep Filter” on page 36

Note If the category setting is enabled and you disable the filter, the filter may still display as enabled.

Edit Category Settings for a Filter Group

STEP 1

STEP 2

STEP 3

Note When you change the Category Settings for a group of filters, the settings will not affect any filters that have been customized (overridden). Filters that have been customized display on the Edit Security Profiles page in the Filters section.

On the Filters List page, these filters are listed with Control = Filter.

From the LSM menu, click Security Profiles.

On the Security Profiles page in the Current Profiles table, click the pencil icon for the Security Profile you want to change.

On the Edit Security Profile page in the Advanced Options section, locate the Filter Category group in the Category Settings table.

30 X Family LSM User’s Guide V 2.5.1