To enable Intrusion Prevention alerts regardless of assigned policy to the protected machines, here are the steps on how to configure on Intrusion Prevention rule level:
- From the Deep Security Manager Console, go to the Policies tab and then click on the Rules option from the left column.
- Next, select the Intrusion Prevention Rules and locate the specific rule that needs alerting (eg: 1000128, as shown in the sample screenshot below):
Click the image to enlarge.
- Open the Properties window of the rule and navigate to the Options tab. Check the box for alerts to enable email alerts for machines assigned to the IPS rule.
If the Inherited state is still set for the computer policies, the alert will be automatically enabled for the assigned IPS rule.