search cancel

Use of wildcards in DCS/SCSP IPS policies.

book

Article ID: 161485

calendar_today

Updated On:

Products

Critical System Protection Data Center Security Server Advanced

Issue/Introduction

You wish to know how wildcards can be used in DCS/SCSP IPS policies.

Resolution

An asterisk (*) can be used as a wildcard, but it will only match a filename or a single directory rather than a full path. To match a full path, multiple asterisks seperated by backslashes(\) are required.

For example, the path "C:\temp\mybatch.bat" can be represented by the following sequence:

*\*\mybatch.bat

or

*\*\*.bat

Be aware that use of wildcards in IPS policies carries the risk of potential subversion of security controls. The most secure configuration is to use the full path at all times in the policy.