Disable or Enable IPS for a Policy

When you enable IPS, it is automatically enabled for all policies. You can choose to disable it for a specific policy in the IPS configuration or when you edit a policy.

To disable or enable IPS for a policy:

  1. Select Subscription Services > IPS.
    The IPS configuration page appears. The IPS Policies section shows whether IPS is enabled for each policy.

Screen shot of the IPS Policies page

  1. To disable IPS for one or more policies, select the policies in the list.
    Use the Control or Shift keys to select multiple policies at the same time.
  2. To disable IPS for the selected policies, from the Select Action drop-down list, select Disabled.
    To enable IPS for the selected policies, click Enabled.
  3. Click Save.

If you enable IPS for an HTTPS proxy policy, you must also enable deep inspection of HTTPS content in the HTTPS proxy action, in order for IPS to scan the HTTPS content. For more information, see HTTPS-Proxy: Content Inspection. IPS scanning of HTTPS content is not supported on XTM 21, 22, and 23 devices.

You can also choose to enable or disable IPS when you edit a policy:

  1. Select Firewall > Firewall Policies.
  2. Double-click a policy.
  3. To enable IPS, select the Enable Intrusion Preveion check box.
    To disable IPS, clear the Enable Intrusion Prevention check box.
  4. Click Save.

See Also

Configure Intrusion Prevention

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base