Awesome, thanks..@SMLatCST, thats my understanding, the whole creation that a lot of people sometimes tend to forget is bi-directional rule creation (I.e. thus the SEPs Local/Remote and Source/Dest categories)..
One thing that I don’t like is RDP not being in the list that Mithun (Thank you by the way also) states. RDP is a big no-no to leave wide open when your node leaves the confines of your Network monitored fortress...
The "Allow ALL" is often required to get work done, especially for RND environments.
I just wanted to ensure that if a specific signature based attack hits, and might not match a rule, IPS fires first (As it technically does in fact, 99.9% sure:) ) and grabs said infection..
Thanks for the replies gang, as always, appreciated!