Video Screencast Help

IPS policy in Symantec - Is it advisable to block all application in exceptions

Created: 29 Jul 2013 • Updated: 29 Jul 2013 | 4 comments
abhi1983's picture

HI ,

IN IPS policy is it advisable to block all default applications in exception ?  sur With so many applications there under intrusion prevention and browser prevention , Not sure whether it is advisable to block all the applcation . Will it cause false positive if i add all those or it is that it has all common apps which should be blocked

Discussion Filed Under:

Comments 4 CommentsJump to latest comment

pete_4u2002's picture
Best practices regarding Intrusion Prevention System technology
Article:TECH95347  |  Created: 2009-01-03  |  Updated: 2013-07-13  |  Article URL
ᗺrian's picture

Not sure what you mean "applications"? can you explain a little further?

The IPS signatures rarely causes false positives, I don't you having an issues by leaving the defaut policy in place. As a precaution, you can set each signature to log only is you wish, than you can monitor and change it to block if you wish.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.