McAfee M-1250 IPS Configuration Guide - Page 46
Managing policies with Reconnaissance Policy Editor
View all McAfee M-1250 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 46 highlights
McAfee® Network Security Platform 5.1 Managing IPS settings 1 Select IPS Settings > Policies > IPS Policy Editor. 2 Select a policy. 3 Click Version Control. The IPS Policy Version List for Policy: dialog is displayed. The IPS Policy Version List displays the following information for each policy revision: Field Description Revision Indicates the revision number of the policy. When you edit a policy and save the changes, a new revision number is generated. For example, you have revision # 1, 2, and 3 of a policy. After reviewing, you modify revision #2 and save. The policy change is stored as revision #4. Version #0 indicates a policy created by McAfee or a policy upgraded from older versions of the Manager. Date The date when the revision was done. User The user who performed the policy revision. Description The name of the policy and the current revision number. Active Revision The check mark indicates the currently active version of the policy. You can perform the following actions: • Rollback: Allows you to revert to the selected revision of the policy. The selected version is then marked as the Active Revision. Note: This option is available only for policies that you can edit. • View: View details for the selected revision of the policy. You can also view the details under > Log > User Activity Audit. The audit log messages include the policy version number for all policy actions. • Delete: Delete any saved version of the policy. You can delete one or more revisions at the same time. Only un-applied policy revisions can be deleted. If you attempt to delete a current policy version, the Manager displays the message, "The selected revision cannot be deleted because it is currently the active revision." Note: This option is available only for policies that you can edit. • Show Diff: Compare any two revisions to view the differences. This option is enabled after you select two versions of the policy. Using Show Diff, you can opt for one of the following views: Snapshot: displays the differences at a high level that is, within logical groups Summary: displays details for all differences except attack details Detail: displays all data differences including attack details in the Exploit, Threshold, and Statistical sections. Managing policies with Reconnaissance Policy Editor The Reconnaissance Policy Editor action enables the use of the ultimate refining tool for Reconnaissance policy management. Using this editor, you can select the reconnaissance attacks you want to protect against, the types of automatic responses you need to block 38