Managing IPS Inspection profiles on SNS firewalls from SMC

In SMC, you can create filter rules referencing IPS Inspection profiles configured locally on firewalls by selecting their identifier (00 to 09).

IPS Inspection profiles

However you cannot set up these profiles directly in SMC and they may be different on each firewall even if they have the same identifier.

This section explains how to deploy common IPS Inspection profiles on all or part of your firewalls thanks to SMC, based on the profiles configured on a “template” firewall.

You will need two scripts to do so: a first one which allows collecting the profiles from the template firewall and another one which allows deploying these profiles on the selected firewalls.

IMPORTANT
The template firewall and the target firewalls must be in the same version.

To apply this procedure, follow the three steps below in the order given.