Intrusion Prevention System (IPS) policies and Intrusion Detection System (IDS) policies determine which traffic the Smoothwall Appliance blocks, logs, or alerts on.
- The Smoothwall Appliance comes with several intrusion policies made from Snort signatures that target common web vulnerabilities. You can see these in the Current Policies table on the Services > Intrusion system > Policies page.
- You can also create your own policies using our list of signatures to suit your individual network.
Important
On the Services > Intrusion system > Signatures page, you’ll see options to:
- Upload a Custom Signatures file.
- Enter your Oink code to add Sourcefire VRT Signatures.
Due to changes in third-party software, these features no longer function and should be ignored.
Create custom policies
- Go to Services > Intrusion system > Policies.
- In the Policy section, enter a Name.
- (Optional) Enter a Comment.
- Select a Theme, or select the + icon to expand the Theme and choose specific Protocols or Signatures to include in the policy.
- Select Add.
Edit a custom or built-in policy
- Go to Services > Intrusion system > Policies.
- In the Current Policies table, select the checkbox in the Mark column.
- Select Edit and the selected policy will appear in the Policy section.
- Edit the Name or Comment if needed.
- Add additional Themes, Protocols or Signatures.
Note
You can only remove items you have added to the default policy. To remove items from the default, delete the policy and create a new one.
- Select Add.
Delete a custom or built-in policy
- Go to Services > Intrusion system > Policies.
- In the Current Policies table, select the checkbox in the Mark column.
- Select Remove.