Writing New Rules

Procedure

Step 1	Choose Objects > Intrusion Rules.
Step 2	Click Create Rule.
Step 3	Enter a value in the Message field.
Step 4	Choose a value from each of the following drop-down lists: Classification Action Protocol Direction
Step 5	Enter values in the following fields: Source IPs Destination IPs Source Port Destination Port The system uses the value `any` if you do not specify a value for these fields.
Step 6	Choose a value from the Detection Options drop-down list.
Step 7	Click Add Option.
Step 8	Enter any arguments for the keyword you added.
Step 9	Optionally, repeat steps 6 to 8.
Step 10	If you added multiple keywords, you can: Reorder keywords — Click the up or down arrow next to the keyword you want to move. Delete a keyword — Click the X next to that keyword.
Step 11	Click Save As New.

Enable your new or changed rules within the appropriate intrusion policy; see Viewing Intrusion Rules in an Intrusion Policy.
Deploy configuration changes.