• Create and use security profiles with specific signatures and anomalies you need per‑interface and per-rule.

• Do not use predefined or generic profiles. While these profiles are convenient to supply immediate protection, you should create profiles to suit your network environment.

• If you do use the default profiles, reduce the IPS signatures/anomalies enabled in the profile to conserve processing time and memory.

• If you are going to enable anomalies, make sure you tune thresholds according to your environment.

• If you need protection, but not audit information, disable the logging option.

• Tune the IP-protocol parameter accordingly.