McAfee 6.1 manual To configure the IPS Protection policy, To create a new IPS Protection policy

These levels indicate potential danger to a system and enable you to define specific reactions for different levels of potential harm. You can modify the severity levels and reactions for all signatures. For example, when suspicious activity is unlikely to cause damage, you can select ignore as the reaction. When an activity is likely to be dangerous, you can set prevent as the reaction.

The IPS Protection policy has several preset policies from which to select. If the preset policies do not provide the selected option combination you want, create a new policy and select the required options. Selections in the IPS Protection policy dialog box vary depending on the selected policy.

To configure the IPS Protection policy:

1Expand the IPS feature, and click Edit on the IPS Protection category line.

2To apply a preset policy, select it in the policy list. Click the policy name icon to view the settings:

To create a new IPS Protection policy:

1Click Edit on the IPS Severity category line, and select New Policy in the policy list.

2In the Create New Policy dialog box, select the policy to duplicate, type the name of the new policy, and then click OK.

Create a new, duplicate policy when viewing the details of a preset policy by clicking Duplicate at the bottom of the policy dialog box. Type the name of the new policy and

indicate whether to assign the policy immediately to the current node.

39