For Network IPS appliances, assign user-defined
events
to the global protection domain to apply them across all segments
in the network. To configure user-defined event policies for specific
segments, create custom protection domains for each segment.
Notes: - Do not use the same name for events that have
different contexts
and query strings. If you do use the same name, it is difficult to
determine which event occurred.
- If you have events with the
same name, one assigned to the global
protection domain and one assigned to a custom protection domain,
only the event that is assigned to the custom domain generates an
alert. Otherwise, the appliance reports the event that is assigned
to the global protection domain.
- If you have two user-defined
events that are the same but have
different names, when one event is triggered, each event generates
its own alert.