85 lines
2.2 KiB
INI
85 lines
2.2 KiB
INI
config ips sensor
|
|
edit "g-default"
|
|
set comment "Prevent critical attacks."
|
|
config entries
|
|
edit 1
|
|
set severity medium high critical
|
|
next
|
|
end
|
|
next
|
|
edit "g-sniffer-profile"
|
|
set comment "Monitor IPS attacks."
|
|
config entries
|
|
edit 1
|
|
set severity medium high critical
|
|
next
|
|
end
|
|
next
|
|
edit "g-wifi-default"
|
|
set comment "Default configuration for offloading WiFi traffic."
|
|
config entries
|
|
edit 1
|
|
set severity medium high critical
|
|
next
|
|
end
|
|
next
|
|
edit "all_default"
|
|
set comment "All predefined signatures with default setting."
|
|
config entries
|
|
edit 1
|
|
next
|
|
end
|
|
next
|
|
edit "all_default_pass"
|
|
set comment "All predefined signatures with PASS action."
|
|
config entries
|
|
edit 1
|
|
set action pass
|
|
next
|
|
end
|
|
next
|
|
edit "high_security"
|
|
set comment "Blocks all Critical/High/Medium and some Low severity vulnerabilities"
|
|
set block-malicious-url enable
|
|
config entries
|
|
edit 1
|
|
set severity medium high critical
|
|
set status enable
|
|
set action block
|
|
next
|
|
edit 2
|
|
set severity low
|
|
next
|
|
end
|
|
next
|
|
edit "protect_client"
|
|
set comment "Protect against client-side vulnerabilities."
|
|
config entries
|
|
edit 1
|
|
set location client
|
|
next
|
|
end
|
|
next
|
|
edit "protect_email_server"
|
|
set comment "Protect against email server-side vulnerabilities."
|
|
config entries
|
|
edit 1
|
|
set location server
|
|
set protocol SMTP POP3 IMAP
|
|
next
|
|
end
|
|
next
|
|
edit "protect_http_server"
|
|
set comment "Protect against HTTP server-side vulnerabilities."
|
|
config entries
|
|
edit 1
|
|
set location server
|
|
set protocol HTTP
|
|
next
|
|
end
|
|
next
|
|
end
|
|
config ips settings
|
|
set proxy-inline-ips disable
|
|
end
|