APPLICATIONS AND PROTECTIONS

In this module, you will be able to manage the configuration of your alarms generated by the firewall’s applications and protection modules.

Note that titles of alarms are shown in the language of the firewall (Firewall language field in the General configuration tab in the System > Configuration module) instead of the language used during the connection to the web administration interface.

An inspection profile (IPS_00) is a set of application profiles (default00 – See the module Protocols). An application profile contains the configuration of the alarms from a protocol scan that can be modified in this module. Its other configuration elements can be accessed in the corresponding “Protocols” menu.

To configure inspection profiles according to these application profiles, go to the module Inspection profiles and click on Go to profiles.

The signatures of these alarms are regularly updated via Active Update for products under maintenance (IPS: contextual protection signatures) and if this database is enabled in the Active Update configuration (module Configuration / System / Active Update).

Whether these alarms are raised therefore depends on the configuration of these protocol scans as well as the security policy applied.

In this module, the alarm configuration is divided into two views:

  • “view by inspection profile” (also called “ view by configuration”)
  • ”view by context” (also called “view by protocol”)