About Tenable dynamic objects in IDS, IPS, and access control policies

You can use IPS, IDS, and access control policies and rules to monitor or block traffic to and from servers with vulnerabilities identified by the Tenable connector:

1. To monitor traffic and inform you about vulnerabilities without blocking the traffic, create an intrusion detection system (IDS) policy with recommendations.

2. To monitor traffic, inform you about vulnerabilities, and block matching traffic, create an intrusion prevention system (IPS) policy with recommendations.

3. Create a new access control policy or add rules to an existing policy. Associate your IDS or IPS policy with an access control rule.

More information about intrusion policies:

• Overview of Intrusion Policies

• Create a Custom Snort 3 Intrusion Policy

• Overview of Secure Firewall Recommended Rules

• Generate New Secure Firewall Recommendations in Snort 3

More information about access control policies:

• Access Control Rule Configuration to Perform Intrusion Prevention