set ips engine-settings

Description

Configures advanced IPS engine settings. This command configures if and when IPS will deactivate upon high resource consumption of the device.

Syntax

set ips engine-settings [ protection-scope <protection-scope> ] [ bypass-under-load { true [ bypass-track <bypass-track>] [ gateway-load-thresholds [ cpu-usage-low-watermark <cpu-usage-low-watermark>] [ cpu-usage-high-watermark <cpu-usage-high-watermark> ] [ memory-usage-low-watermark <memory-usage-low-watermark> ] [ memory-usage-high-watermark <memory-usage-high-watermark> ] [ threshold-detection-delay <threshold-detection-delay> ] ] | false } ]

Parameters

Parameter	Description
bypass-track	Indicates how the appliance will track events where the bypass mechanism is activated/deactivated Options: none, log, alert
bypass-under-load	Indicates if the IPS engine will move to bypass mode if the appliance is under heavy load Type: Boolean (true/false)
protection-scope	Indicates if the IPS blade will protect internal networks only or protect all networks (including external networks) Options: protect-internal-hosts-only, perform-ips-inspection-on-all-traffic

Parameter

Description

bypass-track

Indicates how the appliance will track events where the bypass mechanism is activated/deactivated

Options: none, log, alert

bypass-under-load

Indicates if the IPS engine will move to bypass mode if the appliance is under heavy load

Type: Boolean (true/false)

protection-scope

Indicates if the IPS blade will protect internal networks only or protect all networks (including external networks)

Options: protect-internal-hosts-only, perform-ips-inspection-on-all-traffic

Example

set ips engine-settings protection-scope protect-internal-hosts-only bypass-under-load true bypass-track none gateway-load-thresholds cpu-usage-low-watermark 75 cpu-usage-high-watermark 80 memory-usage-low-watermark 75 memory-usage-high-watermark 80 threshold-detection-delay 90