To build on my last IR article:
How to utilize SEP 12.1 for Incident Response - PART 6
I'm attaching a custom IPS policy which will detect the download of various filetypes via HTTP and HTTPS.
The signatures are in Allow mode and set to write to the Packet log for detailed information.
As of now, this policy will detect 37 different filetypes. I will update it as I add more.
Feel free to use and let me know if you have any questions or feedback.
how to block downloading images from google using Intrusion Prevention policy
Yes.
14 supports 12.1 clients.
Thanks for this post. And could you tell me that will SEPM 14 support SEPM 12.x client which is running on windows XP and if it will support than how long it will support XP.
Hello brain,
Thanks for the information.
Will it possible to get modified for blocking the attachments receiveing through email .
Thanks in advance
That's a good contribution Brian. Will go through the article that you have created as well....
Thanks for sharing!