Checks whether threat intelligence is enabled for the intrusion prevention system (IPS) of Cloud Firewall. Threat intelligence allows Cloud Firewall to scan for threats and block malicious behavior initiated from central control systems. If threat intelligence is enabled, the evaluation result is Compliant.
Scenarios
Enable threat intelligence for the IPS of Cloud Firewall to promptly detect and defend against attack behaviors based on the latest security threats, protecting enterprise networks from emerging threats.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
If threat intelligence is enabled for the IPS of Cloud Firewall, the evaluation result is Compliant. If Cloud Firewall is used but threat intelligence is disabled, the evaluation result is Non-compliant.
Rule details
|
Parameter |
Description |
|
Rule template name |
cfw-ips-ctirules-on |
|
Rule template identifier |
|
|
Automatic remediation |
ACS-Cloudfw-ModifyIPSConfig supported |
|
Trigger type |
Periodic: Every 24 hours |
|
Supported resource type |
ACS::::Account |
|
Input parameter |
None |
Non-compliance remediation
For more information, see IPS configuration.