Intrusion Prevention policy settings
This policy includes configuration options for protection against network and browser attacks. This policy applies to both Windows and Mac devices.
Options and Descriptions
Audit signatures are those signatures that detect certain traffic types but take no default action. You can edit these signatures to define default actions.
You can add one or more signatures at a time. Once you add signatures to this list, you can select more than one at a time to enable, log, disable, or remove them.
Applies to Windows only.
Signature Action Exceptions
Defines any exceptions to the default signature actions for non-audit signatures.
Logto disable and log is not supported for Mac devices.
You can add one or more signatures at a time. Once you add signatures to the exception list, you can select more than one at a time to enable, log, disable, or remove them.
User Notification Settings
Notifications are only sent for enabled signatures.
If you enable notifications for Intrusion Prevention, you also enable notifications for Memory Exploit Mitigation.
Out-of-band scanningchanges the processing model for networking traffic and may have compatibility issues with other Windows Filtering Platform (WFP) drivers. Therefore, if you enable this option, Symantec recommends that you test out-of-band scanning before you deploy it to your production environment. Performance characteristics vary depending on the workload.
Supported for Windows 8.1 and later.