Unable to add a second prevention policy to a security group.
search cancel

Unable to add a second prevention policy to a security group.

book

Article ID: 387987

calendar_today

Updated On:

Products

Data Center Security Server Advanced Data Center Security Server Data Center Security Monitoring Edition

Issue/Introduction

You are attempting to add an additional IPS policy to a security group and it will not allow it.

Environment

DCS 6.x

Cause

This is working as designed

Resolution

There are two types of IPS Policies that can be used.

  • Full Base Policy (also know as the Entry Point Policy) - Max: 1
  • Custom Workload Policy - Can be added with 1 Base Policy


You can only have one full base IPS policy in a security group. 

You can add additional Custom Workload Polices to it.
NOTE: Before applying any Custom Workload policy, you must first apply the Full Base policy.

A Workload Policy is one specific to a workload, like Exchange, Mysql, etc. These have the name "workload" in the policy name and must be used with a Full Base Policy.
They are also listed under the Custom Prevention Policy in UMC.

Powered by Wolken Software