Configuring Intrusion Prevention Rules Detection Mode in Apex One Vulnerability Protection

Apex One as a ServiceAll , Apex CentralAll , Apex OneAll

Last updated: 2022/03/07

Solution ID: KA-0012159

Category: Configure

The following article presents how to change the Intrusion Prevention Rule detection modes in Apex One Vulnerability Protection.

To change the Intrusion Prevention Rules Detection Mode:

Login to Apex Central.
Go to Policies > Policy Resources > Intrusion Prevention Rules.
Search for the rule to be modified.
Click on Detect Only or Prevent listed under Mode.

^{Click the image to enlarge.}
On the new window, select the desired mode.
- Prevent – Blocks the activity that triggered the rule
- Detect Only – Activity is allowed but is logged
Click on Save.
Verify if the Mode has been changed to the desired entry.

^{Click the image to enlarge.}
Go to Policies > Policy Management.
Select the associated policy.
Go to the Vulnerability Protection column, and ensure that it is enabled.
Scroll down, and click on Deploy.

Modifying an Intrusion Prevention rule would be in a global scale and not per policy. It would be best to perform observation and testing before performing any changes
Apex One (On-Premise) customers need the following product builds to have this feature:
- Apex Central Patch 2
- Apex One Patch 5

Was this article helpful?