Configuring miscellaneous settings for security events

Use the miscellaneous settings area of the Security Events page for the Network IPS appliance to set event throttling and to view specific information about the event.

About this task

Navigating in the Network IPS Local Management Interface: Secure Protection Settings > Advanced IPS > Security Events

Navigating in the SiteProtector™ system: select the Security Events policy

Procedure

  1. Click the Add icon.
  2. Select the Enabled check box.
  3. Configure or view the following options:
    Option Description
    XPU Displays the X-Press Update version (XPU) in which the appliance released the vulnerability check.
    Note: This field is a read-only field that the appliance displays with existing events.
    Event Throttling Sets a time window (in seconds) during which multiple events are reported only once.
    Tip: Use this feature to prevent your console from being overrun with duplicate events that potentially mask a more dangerous event.
    Note: The zero value disables event throttling.
    Check Date Displays the month and the year of the vulnerability check.
    Note: This field is a read-only field that is displayed for existing events.
    Default Protection Displays the default protection set for the event, such as Block. These are blocking rules that are used by IBM® X-Force® for any signatures that have a blocking recommendation.
    Note: This field is a read-only field that the appliance displays with existing events only. This setting is useful if you change a blocking response and would like to know what action X-Force took.
    User Overridden Indicates a custom event when you create an event.
    Notes:
    • This field is a read-only field.
    • In the list on the Security Events page, this item appears as checked for both custom events and existing events that you edit.

What to do next

On the Add Security Events window, you can configure general settings, such as logging evidence, specifying a protection domain, and configuring responses.