Convert Snort 2 Custom Rules of a Single Intrusion Policy to Snort 3

Procedure

Step 1

Choose Policies > Access Control heading > Intrusion.

Step 2

In the Intrusion Policies tab, click Show Snort 3 Sync status.

Step 3

Click the Sync icon Snort out-of-Sync (snort versions out-of-sync) of the intrusion policy.

Note

If the Snort 2 and the Snort 3 versions of the intrusion policy are synchronized, then the Sync icon is in greenSnort in-Sync (snort versions in-sync). It indicates that there are no custom rules to be converted.

Step 4

Read through the summary and click the Custom Rules tab.

Step 5

Choose:

  • Import converted rules to this policy—To convert the Snort 2 custom rules in the intrusion policy to Snort 3 and import them into Firewall Management Center as Snort 3 custom rules.

  • Download converted rules—To convert the Snort 2 custom rules in the intrusion policy to Snort 3 and download them into your local system. You can review the converted rules in the downloaded file and later upload the file by clicking the upload icon.

Step 6

Click Re-Sync.

What to do next

Deploy configuration changes; see Deploy Configuration Changes.