Creating a Custom Snort 2 Intrusion Policy
Procedure
Step 1 | Choose . |
Step 2 | Click Create Policy. If you have unsaved changes in another policy, click Cancel when prompted to return to the Intrusion Policy page. Ensure the Intrusion Policies tab is selected. |
Step 3 | Enter a unique Name and, optionally, a Description. |
Step 4 | Choose the Inspection Mode. The selected action determines whether intrusion rules block and alert (Prevention mode) or only alert (Detection mode). |
Step 5 | Choose the initial Base Policy. You can use either a system-provided or another custom policy as your base policy. |
Step 6 | Click Save. The new policy has the same settings as its base policy. |