Previous Topic

Next Topic

IDS Policies

The firewall's IDS driver and engine supports the SNORT based format of Intrusion Detection Rules. SNORT is an open standard intrusion detection technology. For more information about SNORT please visit www.snort.org.

The firewall's IDS engine is signature based - it process the content of the packets coming through the firewall engine and if there is a rule matching the packet content or behavior it reports an event.

You can create Intrusion Detection Profiles using provided IDS builder tool. You must meet following requirements:

  • Configuration Editor or TPF4 installed
  • IDSdb folder present - includes empty IDS profile database
  • Import folder present - includes the IDS configuration builder utility (snortimp.exe)
  • Snort folder present - includes Snort rules and definition files

The folders mentioned above are the part of the download or distribution files.

In This Section

Building IDS Rules

Building IDS Policies

Applying IDS Policy

See Also

Configuration for Advanced users

General Guidelines

Sandbox Settings in Advanced Mode

Firewall Policies

Using CFGPUSH.EXE utility