All Products
Search
Document Center

Cloud Config:cfw-ips-runmode-on

Last Updated:Jun 17, 2026

Checks whether the block mode is enabled for the Cloud Firewall intrusion prevention system (IPS) to block malicious traffic and intrusion attempts. If the block mode is enabled, the evaluation result is Compliant.

Scenarios

Enabling the block mode for the Cloud Firewall IPS allows Cloud Firewall to block malicious traffic and attack behaviors in real time, protecting internal networks and applications from intrusion threats.

Risk level

Default risk level: high.

When you apply this rule, you can change the risk level based on your business requirements.

Compliance evaluation logic

If the block mode is enabled for the Cloud Firewall IPS, the evaluation result is Compliant. Cloud Firewall then blocks malicious traffic and intrusion attempts. If Cloud Firewall is used but the block mode is disabled, the evaluation result is Non-compliant.

Rule details

Parameter

Description

Rule template name

cfw-ips-runmode-on

Rule template identifier

cfw-ips-runmode-on

Automatic remediation

ACS-Cloudfw-ModifyIPSConfig supported

Trigger type

Periodic: Every 24 hours

Supported resource type

ACS::::Account

Input parameter

None

Non-compliance remediation

For more information, see IPS configuration.