Enable Snort inspection for NGFW Engines
Enable Snort inspection for each NGFW Engine where you want to use Snort inspection.
Before you begin
For more details about the product and how to configure features, click Help or press F1.
Steps
Next steps
- If you want to override settings in the global Snort configuration for specific NGFW Engines, import Snort configuration files for individual NGFW Engines.
- Create Access rules to select traffic for Snort inspection.
Engine Editor > Add-Ons > Snort
Use this branch to override settings in the global Snort configuration for specific NGFW Engines.
Option | Definition |
---|---|
Enable | When selected, enables Snort inspection for the NGFW Engine. Note: To apply Snort inspection to traffic, you must also create Access rules to select traffic for Snort inspection.
|
Snort Configuration
(Optional) |
The externally created Snort configuration .zip file that contains the Snort configuration files and rules for Snort inspection.
All NGFW Engines for which Snort inspection is enabled use the global Snort configuration by default. If you do not want to override settings in the global Snort configuration, it is not necessary to import a Snort configuration file for an individual NGFW Engine. Settings in the Snort configuration .zip file for an individual NGFW Engine are combined with the settings in the global Snort configuration .zip file. If any configuration files in a Snort configuration .zip file for an individual NGFW Engine have the same files name and paths as configuration files in the global Snort configuration .zip file, the overlapping files in the global Snort configuration .zip file are ignored. |