Enabling and disabling network anomaly detection rules

To enable or disable Network Anomaly Detection rules, you can change their status. Each rule can be assigned the Enabled or Disabled status. By default, the Enabled status is assigned to a rule after the rule is created.

If you assign the Disabled status to a rule, the application cancels the last run of the rule and assigns the Canceled status to this run. The last run of the rule is canceled if the run had a status of New, Awaiting data, Pending, or Running when the rule was disabled.

To change the status of Network Anomaly Detection rules:

1. Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface using an Administrator or Security Officer account.
2. Select Detection rules.
3. On the Network Anomaly Detection tab, select the rules for which you want to change the status.
4. Open the Change status drop-down list in the toolbar.
5. In the drop-down list, select the command to assign the required status.

Page top