Modifying the Action of a Basic Protection Rule

Constraints

• The action of a manually modified rule remains unchanged even if Protection Mode is changed.
• The constraints on manually modified actions are as follows:
  • The actions of up to 3000 rules can be manually changed to observation.
  • The actions of up to 3000 rules can be manually changed to interception.
  • The actions of up to 128 rules can be manually changed to disabling.

Procedure

1. Log in to the management console.
2. Click in the upper left corner of the management console and select a region or project.
3. In the navigation pane on the left, click and choose Security & Compliance > Cloud Firewall. The Dashboard page will be displayed.
4. (Optional) Switch firewall instance: Select a firewall from the drop-down list in the upper left corner of the page.
5. In the navigation pane, choose Attack Defense > Intrusion Prevention. Click View Effective Rules under Basic Protection. The Basic Protection tab is displayed.
6. (Optional) To view the parameter details of a type of rules, set filter criteria in the input box above the list.
7. Click an action in the Operation column.
   • Observe: The firewall logs the traffic that matches the current rule and does not block the traffic.
   • Intercept: The firewall logs and blocks the traffic that matches the current rule.
   • Disable: The firewall does not log or block the traffic that matches the current rule.
   Figure 1 Changing the current action
   
   

   • The action of a manually modified rule remains unchanged even if Protection Mode is changed. To restore the default action, select a rule and click Restore Default.
   • The constraints on manually modified actions are as follows:
     • The actions of up to 3000 rules can be manually changed to observation.
     • The actions of up to 3000 rules can be manually changed to interception.
     • The actions of up to 128 rules can be manually changed to disabling.