IPS Digital Vaccine (DV) Filters

STEP 4 In the Application Protection Filter Setting Exceptions section, specify the IP address exceptions for Application Protection, Traffic Normalization, Network Equipment Protection and Performance Protection filters.

STEP 5 In the Performance Protection Filter Settings section, specify IP address limits for Performance Protection filters.

STEP 6 Click Apply.

Delete a Global Limit/Exception Setting

STEP 1

STEP 2

STEP 3

STEP 4

From LSM menu, click IPS. Then, edit the Security Profile where you want to modify limit/ exception settings.

On the Edit Security Profile page in the Advanced Options section, scroll down to the Lim- its/Exceptions table.

Click Show Advanced Options if the Advanced Options table is not displayed.

Review the global limit and exception address entries. Click to delete an entry.

To delete a filter-level exception, edit the filter. For details, see “Edit Individual Filter Settings” on page 32

Click Apply.

Reset an Individual Filter

If you have created a filter override in a Security Profile, you can restore the filter to its default settings by deleting the Filter from the Security Profile Filters table.

You can also reset all filters to their factory default settings from the IPS Preferences page. If you do this, all the filters will be set to their recommended state and all action sets, rate limits, and thresholds (other than defaults) will be deleted. You will also lose the Security Profiles you have created along with any custom settings configured on the default Security Profile. For details, see “Reset Filters” on page 57.

Delete a Filter Override

STEP 1

STEP 2

STEP 3

STEP 4

From the LSM menu, click Security Profiles.

On the Security Profiles page in the Current Profiles table, click Profile Name for the profile you want to change.

On the Edit Security Profile page in the Advanced Options section, locate the Filters table.

In the Filters table, find the entry for the filter override you want to remove. Then, click .

The filter is restored to the recommended settings for the category it belongs to.

Port Scan/Host Sweep Filters

A port scan attack scans a host looking for any open ports that can be used to infiltrate the network. A host sweep scans multiple hosts on the network looking for a specific listening port that can be used to infiltrate the network.

X Family LSM User’s Guide V 2.5.1

35