You are here: Webhelp > Threat Prevention > IPS > IPS Global Configuration

IPS Global Configuration

Configuring the IPS global settings includes:

  • Enable the IPS function
  • Specify how to merge logs
  • Specify the work mode

Click Object > Intrusion Prevention System > Configuration to configure the IPS global settings.

Option Description
IPS Click/clear the Enable button to enable/disable the IPS function.
Log Aggregate Type System can merge IPS logs which have the same protocol ID, the same VSYS ID, the same Signature ID, the same log ID, and the same merging type. Thus it can help reduce the number of logs and avoid receiving redundant logs. The function is disabled by default. Select the merging types in the drop-down list:
  • Do Not Merge - Do not merge any logs.
  • Source IP - Merge the logs with the same Source IP.
  • Destination IP - Merge the logs with the same Destination IP.
  • Source IP, Destination IP - Merge the logs with the same Source IP and the same Destination IP.
Aggregate Time Specifies the time granularity for IPS threat log of the same merging type ( specified above) to be stored in the database. At the same time granularity, the same type of log is only stored once. It ranges from 10 to 600 seconds.
Mode Specifies a working mode for IPS:
  • IPS - If attacks have been detected, StoneOS will generate logs, and will also reset connections or block attackers. This is the default mode.
  • Log only - If attacks have been detected, StoneOS will only generate logs, but will not reset connections or block attackers.

After the configurations, click OK to save the settings.