Security inspection
General
Inspection level field
| IPS (Detect and block) | If this option is selected, Stormshield Network’s IPS (Intrusion Prevention System) will detect and block intrusion attempts, from the Network level to the Application level in the OSI model. |
| IDS (Detect) | If this option is selected, Stormshield Network’s IDS (Intrusion Detection System) will detect intrusion attempts on your traffic, without blocking them. |
| Firewall (Do not inspect) | This option only provides access to basic security functions and will merely filter your traffic without inspecting it. |
Inspection profile
| Depending on the direction of the traffic, IPS_ 00 to 09 | You can customize the configuration of your security inspection by assigning a predefined policy to it, which will appear in the filter table. Numbered configurations can be renamed in the menu Application protection > Inspection profiles. The value suggested by default (Depending on the direction of the traffic) uses the IPS_00 profile for incoming traffic and the profile IPS_01 for outgoing traffic. |
Application inspection
| Antivirus | The On  / Off  buttons allow you to enable or disable the antivirus in your filter rule.Antivirus analyses will only be run on HTTP, FTP, SMTP, POP3 protocols and on their variants in SSL. They can be configured for each of these protocols in the menu Application protection > Protocols. |
| Sandboxing | The On /Off buttons allow you to enable or disable sandboxing (malicious files) in your filter rule. Do note that Advanced antivirus must be used when this option is enabled. Antivirus analyses will only be run on HTTP, FTP, SMTP, POP3 protocols and on their variants in SSL. They can be configured for each of these protocols in the menu Application protection > Protocols. |
| Antispam | The On/ Off buttons allow you to enable or disable the antispam in your filter rule. This analysis is only run on SMTP, POP3 protocols and on their variants in SSL. They can be configured for each of these protocols in the menu Application protection > Protocols. |
| URL filtering | To enable this filtering method, select an URL filter profile from the suggested profiles. |
| SMTP filtering | To enable this filtering method, select an SMTP filter profile from the suggested profiles. Selecting the SMTP filter policy also enables the POP3 proxy in the event the filter rule allows the POP3 protocol. |
| FTP filtering | The On/ Off buttons allow you to enable or disable FTP filtering in your filter rule, in line with the FTP commands defined in FTP plugin (Protocols module). |
| SSL filtering | To enable this filtering method, select an SSL filter profile from the suggested profiles. |