Intrusion protection
• Create and use security profiles with specific signatures and anomalies you need per‑interface and per-rule.
• Do not use predefined or generic profiles. While these profiles are convenient to supply immediate protection, you should create profiles to suit your network environment.
• If you do use the default profiles, reduce the IPS signatures/anomalies enabled in the profile to conserve processing time and memory.
• If you are going to enable anomalies, make sure you tune thresholds according to your environment.
• If you need protection, but not audit information, disable the logging option.
• Tune the IP-protocol parameter accordingly.
See Also