06-03-2022 11:22 AM - edited 06-03-2022 12:09 PM
I have configured around 300 rules in FMC.. a recent requirement is to apply an IPS Policy to all the rules..is there a way an Intrusion Policy can be applied all at once to an entire ACL ? its really inconvenient to edit 300 rules and apply an IPS Policy there.
Also, if i am not using inline mode does Intrusion Policy will act as an IDS only ? it wont drop any traffic ? in custom intrusion policy "drop when inline mode" is specific for inline modes only ?
Any help is appreciated
Solved! Go to Solution.
07-13-2022 07:41 AM
Just select all the rules in the ACP at once (select first one, hold down shift key and then select last one) and right click to edit. You may need to change your display rules per page (bottom right) so that you can see and select all of them at once.
Common tasks (such as IPS policy) will be selectable to change them.
06-03-2022 07:45 PM
06-04-2022 02:22 AM
Thanks...any link i can refer for such scripts?
06-04-2022 03:49 AM
07-13-2022 02:49 AM
If i do not select "Drop when Inline" will the IPS function as an IDS only regardless of rule actions ?
07-13-2022 07:41 AM
Just select all the rules in the ACP at once (select first one, hold down shift key and then select last one) and right click to edit. You may need to change your display rules per page (bottom right) so that you can see and select all of them at once.
Common tasks (such as IPS policy) will be selectable to change them.
07-13-2022 08:39 AM
Incredible !!! that was very helpful Marvin.
One more thing if you can please help out with.. if in IPS policy i have unchecked "Drop when Inline" will my policy act as an IDS ?
07-13-2022 08:48 AM
Deselecting "Drop when Inline" will indeed make the sensor function like what is sometimes referred to as an Intrusion Detection System (IDS) vs. an Intrusion Prevention System (IPS). I seldom see that used in practice though as it removes most of the utility of actually preventing intrusions.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide