Symantec 10521146 Administration Guide - Page 124
Policies, Full Event List, Columns, Select All, Log/Block
UPC - 037648268134
View all Symantec 10521146 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 124 highlights
124 Protection policies Defining new protection policies configuring a protection policy with blocking rules enabled. You can enable blocking rules only on interface pairs on Symantec Network Security 7100 Series appliances that are deployed in-line. To override these blocking rules globally without redefining the policy itself, see also "Overriding blocking rules globally" on page 115. To block events from entering the network 1 In the Policies tab, do one of the following: ■ Click New > Full Event List. ■ Select a protection policy, and click Edit > Full Event List. You can edit user-defined protection policies only. 2 To adjust your view of the event list, click Columns. See "Adjusting the view by columns" on page 119. 3 To select the events, do one of the following: ■ To select the entire event list, click Select All. ■ To select a subset of events, press Ctrl and select multiple events. 4 Click Log/Block. You can enable blocking rules independently of logging rules. See also "Enabling or disabling logging rules" on page 122. 5 In Block Event (applies to in-line interfaces only), do one of the following: ■ Click Block Event to enable blocking. ■ Unclick Block Event to disable blocking. Note: You can apply this option only to in-line interfaces on 7100 Series appliance nodes. It is not available on Network Security software nodes. 6 In Note For Selected Event Type(s), you can add an optional note, and click OK. Event Details displays this annotation each time this policy detects the annotated event. See "Viewing event details" on page 197. You can override blocking rules globally from the Protection Policies tab. See also "Overriding blocking rules globally" on page 115. You can configure policies to include active blocking rules and LiveUpdate rules, so that when LiveUpdate adds new signatures, the blocking rules will be created automatically. To do this, you must define at least one blocking rule in the policy so that blocking is enabled. See also "Updating policies automatically" on page 125.