Create a Custom IPS Policy
Use the following procedure to create a new custom IPS policy with the IPS rules provided by Talos:
Procedure
Step 1 | In the left pane, click . | ||
Step 2 | Click the blue plus button . | ||
Step 3 | Expand the drop-down menu of the Base Template. If your device is running version 7.2 with Snort 3, you must expand the drop-down and then click Choose to select the template.If the device is running version 7.1.x and earlier, simply expand the drop-down menu and select one of the following templates:
| ||
Step 4 | Enter a Name for the policy. We strongly recommend using a name that is unique and different from the default base templates. If you ever need to troubleshoot your IPS policy, Cisco TAC can easily locate the custom policy and revert to a default policy; this keeps your network protected without losing your customized changes. | ||
Step 5 | (Optional) Enter a Description for the policy. | ||
Step 6 | Select the IPS Mode:
| ||
Step 7 | Click Save. What's Next? Add your IPS policy to an FDM-managed device access control rule. See Custom IPS Policy in an FDM Access Control Rule for more information. |