Accepting Rule Changes from a Custom Base Policy

When a custom network analysis or intrusion policy where you have not added layers uses another custom policy as its base policy, you must set a rule to inherit its rule state if:

  • you delete an event filter, dynamic state, or SNMP alert that is set for the rule in the base policy, and

  • you want the rule to accept subsequent changes that you make to it in the other custom policy that you use as your base policy

Procedure

Step 1

While editing your Snort 2 intrusion policy, expand Policy Layers in the navigation panel.

Step 2

Expand My Changes.

Step 3

Click the Rules link immediately beneath My Changes.

Step 4

Choose the rule or rules whose settings you want to accept. You have the following choices:

  • Choose specific rules — If you want to choose specific rules, check the check box next to each rule.
  • Choose all rules — If you want to choose all the rules in the current list, check the check box at the top of the column.

Step 5

Choose Inherit from the Rule State drop-down list.

Step 6

To save changes you made in this policy since the last policy commit, click Policy Information, then click Commit Changes.

If you leave the policy without committing changes, changes since the last commit are discarded if you edit a different policy.

What to do next

  • Deploy configuration changes.