Use the X-Force Virtual Patch functionality
for the Network IPS appliance to configure the block and quarantine
responses automatically for events that X-Force® recommends.
About this task
Navigating
in the Network IPS Local Management Interface: Secure
Protection Settings > Security
Modules > X-Force Virtual Patch
Note: Settings
on the X-Force Virtual Patch page do not apply
to security events that are marked as User Overridden on
the Security Events page. Set X-Force settings before your custom security
events. To find out what security events are marked User
Overridden, group events by User Overridden on
the Security Events page.
Procedure
Choose a security setting from the Protection
Level list.
Note: The security settings that
are available in the Protection Level list
might change depending on which version of PAM the appliance is using.
Choose one of the following options in the Enable
X-Force recommended blocks area:
Option
Description
Always
Enables the block and quarantine
responses that X-Force recommends
for security events.
Note: X-Force blocking
is enabled
by default.
Through XPU
Enables X-Force recommended
block and quarantine responses for X-Press Updates (XPU) up to and
including a specific version.
Never
Specifies to not use X-Force recommended
block and quarantine responses.