Deleting a user-defined IDS rule

When working in distributed solution mode, users with the Senior security officer role can delete only a user-defined IDS rule that was imported into the current server. It means that in the PCN web interface, you can only delete a rule that was created on the PCN. In the SCN web interface, you can only delete a rule that was created on the SCN.

To delete a user-defined IDS rule:

1. In the window of the program web interface, select the User rules section, IDS subsection.
2. This opens the user-defined IDS rule window. Click Delete.

   This opens the action confirmation window.

3. Click Yes.

The rule is deleted.

You cannot delete IDS rules defined by Kaspersky. If you do not want to use a Kaspersky IDS rule for scanning, add it to exclusions.

Users with the Security auditor role cannot delete user-defined IDS rules.

Users with the Security officer role cannot gain access to user-defined IDS rules.

See also Importing a user-defined IDS rule Viewing the information of a user-defined IDS rule Enabling and disabling the use of an IDS rule when scanning events Configuring the importance of alerts generated by the user-defined IDS rule Replacing a user-defined IDS rule Downloading a user-defined IDS rule file to the computer

Page top