Set Intrusion Policy Preferences

Comments on policy change: Check this check box to track policy-related changes using the comment functionality when users modify intrusion policies. With policy change comments enabled, administrators can quickly assess why critical policies in a deployment were modified.

If you enable comments on policy changes, you can make the comment optional or mandatory. The management center prompts the user for a comment when each new change to a policy is saved.

Write changes in Intrusion Policy to audit log: Check this check box to record the changes to the intrusion policies to the audit logs. This option is enabled by default.

Retain user overrides for deleted Snort 3 rules: Check this check box to get notifications for changes to any overridden system-defined rules during LSP updates. When enabled, the system retains the rule overrides in the new replacement rules that are added as part of the LSP update. On the management center menu bar, click Notifications > Tasks to view the notifications. This option is enabled by default.