What can I do here?
Use this window to exclude protections from staging mode. The exclusion is based on their impact on performance and severity.
Getting Here - Security Policies > Threat Prevention > Policy > Threat Tools > Profiles > Profile > IPS section > Updates Policy > Set activation as Staging mode > Configure |
There are numerous protections available in IPS. It takes time to become familiar with those that are relevant to your environment. Some are easily configured for basic security and can be safely activated automatically.
In the Threat Prevention profile, you can configure an updates policy for IPS protections that were newly updated. You can do this with the IPS > Updates page in the Profiles navigation tree. Select one of these settings for Newly Updated Protections:
Set activation as staging mode - Selected by default. Newly updated protections will remain in staging mode until you change their configuration. The default action for the protections is Detect. You can change the action manually in the IPS Protections page.
Click Configure to exclude protections from the staging mode.
Best Practice - Allow IPS to activate protections based on the IPS policy in the beginning. During this time, you can analyze the alerts that IPS generates and how it handles network traffic, while you minimize the impact on the flow of traffic. Then you can manually change the protection settings to suit your needs.