Enabling and disabling sets of Intrusion Detection rules

Sets of Intrusion Detection rules can be either Enabled or Disabled. If a set of rules is disabled, no rules in this set are used for Intrusion Detection.

Whenever you enable or disable selected rule sets on all computers that have application components installed (Server and sensors), the Intrusion Detection system is restarted. A restart is required to apply the changes.

Only users with the Administrator role can change the states of sets of Intrusion Detection rules.

To change the state of Intrusion Detection rule sets:

1. Connect to the Kaspersky Industrial CyberSecurity for Networks Server through the web interface using the Administrator account.
2. In the Intrusion Detection section, select the sets of rules whose state you want to change.
3. Right-click to open the context menu.
4. In the context menu, select one of the following options:
   • Enable if you want to enable all disabled sets of rules from among the selected rule sets.
   • Disable if you want to disable all enabled sets of rules from among the selected rule sets.
   • Change the statuses of selected rule sets if you want to invert the state of all selected rule sets. This option lets you quickly enable or disable selected sets of rules with different statuses on all computers that have application components installed, and the Intrusion Detection System will be restarted on all computers at the same time to apply all the changes together.

   A window with a confirmation prompt opens.

5. In the prompt window, click OK.