search cancel

How to temporarily disable an IPS policy on Symantec Critical System Protection and Symantec Data Center Security (SCSP DCS)

book

Article ID: 151814

calendar_today

Updated On:

Products

Critical System Protection Data Center Security Server Data Center Security Server Advanced

Issue/Introduction

This document explains how to use the Policy Override tool in Symantec Critical System Protection and Data Center Security to disable intrusion prevention in the Prevention policy for an Agent on the Windows platform.

Resolution

If the Policy Override Option is enabled in the Prevention policy, you can use the Policy Override tool at the Agent computer to override the Prevention policy. When you override the Prevention policy, intrusion prevention is disabled for that Agent.

To use the Policy Override tool to disable intrusion prevention

  1. On the Start menu, click Programs > Symantec Critical System Protection > Policy Monitor or Programs > Symantec Data Center Security Server > Policy Monitor.
    This step displays the Monitor icon, which looks like a shield.
  2. On the Windows taskbar, right-click the Monitor icon, and then click Policy Override Tool.
  3. In the "Automatically enable after" list, select a time.
    At the time that you select, Symantec Critical System Protection will automatically re-enable the policy.
  4. In the text box that is under the picture of an alphanumeric code number, type the code number that you see in the picture.
  5. Click Disable.
    Symantec Critical System Protection now disables the Prevention policy. This action disables intrusion prevention for the Agent.


If you need to re-enable the policy and intrusion prevention before the time that you selected in step 3, repeat the previous steps. When you repeat the steps, click Enable in step 5 rather than Disable.

Attachments