Contents

Related Topics

Enable or Disable IPS for a Policy

When you enable IPS, it is automatically enabled for all policies. You can choose to disable it for a specific policy in the IPS configuration or when you edit a policy.

WatchGuard recommends that you enable IPS on policies that handle traffic to or from Internet hosts. You do not need to enable IPS on policies for Branch Office VPNs to trusted sites, or for traffic between trusted hosts on your internal network.

To disable or enable IPS for a policy, from Fireware Web UI:

  1. Select Subscription Services > IPS.
    The IPS configuration page appears. The IPS Policies section shows whether IPS is enabled for each policy.

Screen shot of the IPS Policies page

  1. To disable IPS for one or more policies, select the policies in the list.
    Use the Control or Shift keys to select multiple policies at the same time.
  2. To disable IPS for the selected policies, from the Select Action drop-down list, select Disable.
    To enable IPS for the selected policies, click Enable.
  3. Click Save.

To disable or enable IPS for a policy, from Policy Manager:

  1. Select Subscription Services > Intrusion Prevention.
    The Intrusion Prevention Service dialog box appears.
  2. Select the Policies tab.
    The list of configured policies appears.

Screen shot of the Intrusion Prevention Service dialog box, Policies tab

  1. To disable IPS for one or more policies, select the policies in the list.
    Use the Control or Shift keys to select multiple policies at the same time.
  2. To disable IPS for the selected policies, from the Select Action drop-down list, select Disable.
    To enable IPS for the selected policies, click Enable.
  3. Click OK.

If you enable IPS for an HTTPS proxy policy, you must also enable Content Inspection in the HTTPS proxy action, in order for IPS to scan the HTTPS content. For more information, see HTTPS-Proxy: Content Inspection. IPS scanning of HTTPS content is not supported on XTM 21, 22, and 23 devices.

To enable or disable IPS when you edit a policy, from Fireware Web UI:

  1. Select Firewall > Firewall Policies.
  2. Double-click a policy.
  3. To enable IPS, select the Enable Intrusion Prevention check box.
    To disable IPS, clear the Enable Intrusion Prevention check box.
  4. Click Save.

To enable or disable IPS when you edit a policy, from Policy Manager:

  1. In Policy Manager, add or edit a policy.
    The Policy Properties dialog box appears with the Policy tab selected.
  2. To enable IPS, select the Enable IPS for this policy check box.
    To disable IPS, clear the Enable IPS for this policy check box.
  3. Click OK.

See Also

Configure Intrusion Prevention

Give Us Feedback     Get Support     All Product Documentation     Technical Search