Endpoint Protection

 View Only

  • 1.  Custom Intrusion Protection Signatures on "Off-Site" Location?

    Posted Feb 23, 2017 04:53 PM

    Hello,

    I have a group with a specific set of "Custom Intrusion Prevention Signatures" enabled. What I would like to do is add a second "Off-Site" location to that same group, that has a different set of Custom Intrusion Prevention Signatures. Is that possible?

    Thanks for any suggestions,

    -Mike



  • 2.  RE: Custom Intrusion Protection Signatures on "Off-Site" Location?

    Posted Feb 23, 2017 05:07 PM
    Yep just add the new location and replace the policy with whatever you want. Each location can have its own policy.


  • 3.  RE: Custom Intrusion Protection Signatures on "Off-Site" Location?

    Posted Feb 23, 2017 05:30 PM

    Thanks for the reply Brian...

    So for the standard Intrusion Prevention Policy I can see how that would work, but "Custom Intrusion Prevention" is up top in the "Location-Independent Policies and Settings". And I should have stated, these are OU's, not groups, so I can't (easily) just create a new group and assign a different custom policy to it. Make sense...or am I missing the boat?

    -Mike



  • 4.  RE: Custom Intrusion Protection Signatures on "Off-Site" Location?

    Posted Feb 23, 2017 05:36 PM
    Hmm.. Good question! I don't think you can use location awareness for Custom IPS rules. You should make a feature request to merge normal IPS and Custom IPS into the same type of policy. It doesn't make sense to have it as a group setting imho


  • 5.  RE: Custom Intrusion Protection Signatures on "Off-Site" Location?

    Posted Feb 23, 2017 05:37 PM
    Yea sorry, I read it as you created a custom IPS policy. As far as I know you can't do this. You'd need to create a new group and move clients which just wouldn't make sense.