Your intrusion policy must be set to block. You might want to look at the Configuration guides located on Cisco's support site: http://www.cisco.com/c/en/us/support/security/defense-center/products-installation-and-configuration-guides-list.html fo...