General

In General, you can set options such as IPS use feature, operation mode, analyze IPS recommendation environment settings and etc.

You can check the following in General.

• IPS Use and Operation Mode Settings
• Analyzing IPS Recommendation Environment Settings

IPS Use and Operation Mode Settings

Follow the steps below to set IPS Use and Operation Mode.

Note

Click Default on the bottom of the screen to apply the default value.

1. Click Policy.
2. Select Policy > Security Program Policy tab.
3. Click Add > HIPS/Firewall > IPS Policy.
4. Press General.
5. Configure whether to Enable IPS or not. If you select Enable IPS, network attack will be detected and blocked.
6. For IPS Operation Mode, select among Detection and Block. If Detection is selected, network attacks will only detect, and not block.

• IP fragmentation: Responds to attacks that bypass signature-based defense feature by dismantling and transmitting malicious data from IP layer.
• TCP segmentation: Responds to attacks that bypass signature-based defense feature by dismantling and transmitting malicious data from TCP layer.

• URL Obfuscation: Responds to attacks that bypass signature-based defense feature by obfuscating and concealing malicious URL.

7. Click Save.

Note

If OS is Linux, a packet is automatically reassembled and transmitted from IP layer. This feature works separately from IP fragmentation option.

Add a Schedule

Follow the steps below to add automatic analysis on the environment recommended for IPS signature.

1. Click Policy.
2. Select Policy > Security Program Policy tab.
3. Click Add > HIPS/Firewall > IPS Policy.
4. Press General.
5. From IPS Signature Recommendation, set whether to use automatic analysis on the environment recommended for IPS signature.  If you select Perform automatic analysis on the environment recommended for rule environment, system scan will be scheduled to collect system environment info needed to recommend IPS signature.
6. Enter required item in <Add a Schedule>.
   

• Schedule: Reserve a time to start system scan for collection of environment info. You can add up to 5 scans that will be performed every day, every week, or every month at set date and time.
• Every day: Run system scan every day at the set time.
• Every week: Run system scan every week at the set time of the day of the week.
• Every month: Run system scan every month at the set date and time.
• Once: Run system scan only once at the set time of the day.

7. Click OK.
8. Click Save.

Note

Click Import on the top right side of the screen to import and apply a policy.

Edit a Schedule

Edit policy on automatic analysis on the environment recommended for IPS signature. Follow the steps below to edit automatic analysis on the environment recommended for IPS signature.

1. Click Policy.
2. Select Policy > Security Program Policy tab.
3. Click Add > HIPS/Firewall > IPS Policy.
4. Click General.
5. From Start Time list of IPS Signature Recommendation, click Modify.
6. Make changes to the item and click OK.

Delete a Schedule

Delete set automatic analysis on the environment recommended for IPS signature. Follow the steps below to delete automatic analysis on the environment recommended for IPS signature.

1. Click Policy.
2. Select Policy > Security Program Policy tab.
3. Click Add > HIPS/Firewall > IPS Policy.
4. Click General.
5. From Start Time list of IPS Signature Recommendation, click Delete () .
6. Once the deletion confirmation message appears, click Yes.