All Products
Search
Document Center

Cloud Config:cfw-ips-ctirules-on

Last Updated:Jun 17, 2026

Checks whether threat intelligence is enabled for the intrusion prevention system (IPS) of Cloud Firewall. Threat intelligence allows Cloud Firewall to scan for threats and block malicious behavior initiated from central control systems. If threat intelligence is enabled, the evaluation result is Compliant.

Scenarios

Enable threat intelligence for the IPS of Cloud Firewall to promptly detect and defend against attack behaviors based on the latest security threats, protecting enterprise networks from emerging threats.

Risk level

Default risk level: medium.

When you apply this rule, you can change the risk level based on your business requirements.

Compliance evaluation logic

If threat intelligence is enabled for the IPS of Cloud Firewall, the evaluation result is Compliant. If Cloud Firewall is used but threat intelligence is disabled, the evaluation result is Non-compliant.

Rule details

Parameter

Description

Rule template name

cfw-ips-ctirules-on

Rule template identifier

cfw-ips-ctirules-on

Automatic remediation

ACS-Cloudfw-ModifyIPSConfig supported

Trigger type

Periodic: Every 24 hours

Supported resource type

ACS::::Account

Input parameter

None

Non-compliance remediation

For more information, see IPS configuration.