You can create NSX IDS/IPS profiles to group signatures, which can then be applied to selected applications. You can create 100 custom profiles in addition to the default profile.

The default IDS profile includes critical severities and cannot be edited.

Procedure

  1. Navigate to Security > IDS/IPS & Malware Prevention > Profiles.
  2. Click Add Profile.
  3. Enter a name for this profile.
  4. (Optional) Enter a description for the profile and add tags.
  5. Select the required Intrusion Severities that you want to include in the profile.
  6. (Optional) Filter signatures to include in the profile by Attack Types, CVSS, Attack Targets, and Products Affected.
  7. To change the action on a specific signature, click Manage signatures for this profile and in the Action column, select the appropriate action.
  8. (Optional) To view only user-modified signatures, click Show only User modified signatures toggle button.
  9. Click Save to create the profile.

What to do next

Create IDS rules.