Comodo Help
Find the desired product help
Comodo Dome Firewall

Comodo Dome Firewall

Dome Firewall Virtual Appliance Admin Guide

English

Print Help Download Help
Configure DFW Virtual Appliance Services And Protection Settings > Intrusion Prevention > Manage IPS Rulesets
  • Introduction To Comodo Dome Firewall - Virtual Appliance
    • Install Dome Firewall And Login To The Administrative Console
  • The Main Interface
  • The Dashboard
  • View And Modify System Status And General Configuration
    • Manage Admin Accounts
      • Add And Manage Administrators
      • Manage Administrative Roles
    • License Activation
    • SNMP Settings
    • Central Management
    • Configure SSH Access
    • High Availability
    • View And Update Firmware Version
    • Create And Schedule Backup Of DFW State
      • Manually Create A Backup
      • Schedule Backup Operations
      • Encrypt Backup Archives
      • Export A Backup
      • Import A Backup Archive From A Local Computer
      • Roll Back The Virtual Appliance To A Previous Time Point
      • Reset The Virtual Appliance To Factory Defaults
    • Shutdown Or Restart The Dome Firewall Virtual Appliance
  • View DFW Virtual Appliance Status
    • System Status
    • Network Status
    • System Usage Summaries
    • Network Traffic
    • Network Connections
    • SSLVPN Connections
  • Network Configuration
    • Configure Interface Devices, Uplinks And VLANs
      • Configure Interface Devices
      • Add And Manage Gateway Uplink Devices
      • Create VLANs
    • Routes
      • Add And Manage Static Routes
      • Add And Manage Policy Routing Rules
  • Configure DFW Virtual Appliance Services And Protection Settings
    • DHCP Server
    • Advanced Threat Protection
      • Manage The ATP Profiles
      • Comodo Antivirus
    • Time Server
    • Intrusion Prevention
      • Configure Intrusion Prevention System
      • Manage IPS Rulesets
      • Manage Application Identification Rulesets
    • Configure Wireless Hotspot
      • Configure Captive Portal Service
      • Customize The Login Page
      • Add And Manage Permanent Users
    • Internet Content Adaptation Protocol
    • Quality Of Service
  • Manage Firewall Configuration
    • Firewall Objects
      • Manage Firewall Address Objects
      • Manage Firewall Object Groups
      • Manage Firewall Schedules
      • Active Directory Integration
    • Destination Network Address Translation
    • Source Network Address Translation
    • Configure System Access
    • Configure Firewall Policy Rules
      • Manage Firewall Policy Rules
      • Manage VPN Firewall Rules
  • Configure Proxy Services
    • HTTP/HTTPS Proxy Server
      • Configure URL And Content Filtering
      • HTTPS Proxy
  • Configure Virtual Private Network Settings
    • SSL VPN Server
      • Configure General SSL VPN Server Settings
      • Manage SSL VPN Client Accounts
      • Configure Advanced SSL VPN Server Settings
      • Configure Clients To Connect To Dome Firewall
    • IPsec Configuration
    • Configure L2TP Server
    • Configure IPSec/L2TP Users
  • View Logs
    • Realtime Logs
    • Configure Log Settings
    • Generate Reports
  • Appendix - Minimum Requirements For Software Installations

Manage IPS Rulesets


The 'IPS Rules' interface displays a list of currently loaded IPS rulesets. Each ruleset contains settings to allow or block specific data packets.


To open the IPS Rules interface

  • Click 'Services' > 'Intrusion Prevention' in the left-hand menu
    • Click the 'IPS Rules' tab




    Rules Table - Column Descriptions

    Column

    Description

    Rule filename

    The name of the .rules file that contains the constituent rules of the ruleset.

    Rules count

    Indicates the number of constituent rules in the rule set.

    Actions

    Displays control buttons for the ruleset.


    - The checkbox allows the administrator to switch the ruleset between enabled and disabled states.


    / - Indicates the application policy of the ruleset and enables the administrator to toggle the policy. See Changing application policy of rulesets for more details.


    - Removes the ruleset.


    The interface allows the administrator to:
    • Enable/Disable rulesets
    • Change application policy of rulesets
    • Remove rulesets

      Enabling/Disabling Rulesets

      The rulesets can be enabled or disabled individually or collectively from the Rules interface.

      • To enable or disable a single ruleset, select or unselect the checkbox beside the ruleset in the 'Actions' column
      • To enable inactive rulesets collectively, select the rules by marking the checkboxes at the left of the rulesets to be enabled and click the 'Enable' button from the bottom of the right pane.
      • To disable active rulesets collectively, select the rules by marking the checkboxes at the left of the rulesets to be disabled and click the 'Disable' button from the bottom of the right pane.
      • After making the changes, click the Apply button in the confirmation pane that appears at the top to apply the changes.



      Changing application policy of rulesets

      A ruleset can be applied in two ways:

      • Alert Policy - The IPS generates an alert when a data packet matching a rule in the ruleset is encountered and passes the packet. The policy is indicated by alert icon
      • Drop Policy - The IPS blocks the data packet matching a rule in the ruleset without generating an alert. The policy is indicated by shield icon

      The administrator can toggle the application policy for individual rulesets or for group of rulesets.

      • To toggle the policy of a ruleset from 'Alert' policy to 'Drop' policy, click the 'Alert' icon in the row of the ruleset under the 'Actions' column
      • To toggle the policy of a ruleset from 'Drop' policy to 'Alert' policy, click the 'Shield' icon in the row of the ruleset under the 'Actions' column
      • To toggle the policy of a group of rulesets with 'Alert' policy to 'Drop' policy, select the rulesets by marking the checkboxes at the left of the ruleset file names and click the 'Drop' button at the bottom of the interface
      • To toggle the policy of a group of rulesets with 'Drop' policy to 'Alert' policy, select the rulesets by marking the checkboxes at the left of the ruleset file names and click the 'Alert' button at the bottom of the interface
      • After making the changes, click the Apply button in the confirmation pane that appears at the top to apply the changes.

      Remove rulesets


      Unwanted rulesets can be removed from Comodo Dome Firewall from the Rules interface.
      • To remove a single ruleset click the delete icon  in the row of the ruleset filename, under 'Actions' column and click 'OK' in the confirmation dialog.
      • To remove a group of rulesets collectively, select the them by marking the checkboxes at the left of the ruleset file names and click the 'Delete' button at the bottom of the interface. Click 'OK' in the confirmation dialog.

      Our Products
      • Free Antivirus
      • Free Internet Security
      • Website Malware Removal
      • Free Anti-Malware
      • Anti-Spam (Free Trial)
      • Windows Antivirus
      • Antivirus for Windows 7
      • Antivirus for Windows 8
      • Antivirus for Windows 10
      • Antivirus for MAC
      • Antivirus for Linux
      • Free Endpoint Security
      • Free ModSecurity
      • Free RMM
      • Free Website Malware Scanner
      • Free Device Manager for Android
      • Free Demo
      • Network Security
      • Endpoint Protection
      • Antivirus for Android
      • Comodo Antivirus
      • Wordpress Security
      Cheap CDN
      • Bootstrap CDN
      • Semantic UI CDN
      • Jquery CDN
      • CDN Plans
      • CDN
      • Free CDN
      Enterprise
      • Patch Management Software
      • Patch Manager
      • Service Desk
      • Website Down
      • Endpoint Protection Solutions
      • Website Security Check
      • Remote Monitoring and Management
      • Website Security
      • Device Manager
      • ITSM
      • CRM
      • MSP
      • Android Device Manager
      • MDR Services
      • EDR Services
      • Ransomware Prevention
      • Managed IT Support Services
      • EDR
      Free SSL Certificate
      Support Partners Terms and Conditions Privacy Policy

      © Comodo Group, Inc. 2023. All rights reserved.