Snort inspection configuration overview

The configuration of Snort inspection consists of these general steps.

1. Prepare Snort configuration files.
2. Import Snort configuration files globally to configure default settings for Snort inspection for all Engines.
3. (Optional) Import Snort configuration files for individual Engines to override settings in the global Snort configuration for specific Engines.

   Settings in the Snort configuration .zip file for an individual Engine are combined with the settings in the global Snort configuration .zip file. If any configuration files in a Snort configuration .zip file for an individual Engine have the same files name and paths as configuration files in the global Snort configuration .zip file, the overlapping files in the global Snort configuration .zip file are ignored.

4. Enable Snort inspection for Engines.
5. Create Access rules to select traffic for Snort inspection.