IDS exceptions

Intrusion Detection System (IDS) exceptions are essentially network protection rules. The exceptions are evaluated from top to bottom. IDS exceptions editor allows you to customize network protection behavior upon various IDS exceptions. First matching exception is applied, for each action type (Block, Notify, Log) separately. Top/Up/Down/Bottom allows you to adjust the priority level of exceptions. To create a new IDS exception, click Add. Click Edit to modify an existing IDS exception, or Delete to remove it.

Choose Alert type from the drop-down list. Specify the Threat name and Direction. Browse for an Application you want to create the exception for. Specify a list of IP addresses (IPv4 or IPv6) or subnets. For multiple entries use comma as a delimiter.

Configure Action for IDS exception by selecting one of the options from the drop-down menu (Default, Yes, No). Do this for each Action type (Block, Notify, Log).


EXAMPLE

If want a notification to be displayed in case of an IDS exception alert, as well as have the time of the event logged, leave the Block action type Default and for the other two action types (Notify and Log) choose Yes from the drop-down menu.