
Cloud Config: cfw-ips-patchrules-on

Last Updated: Apr 23, 2025

Checks whether virtual patching is enabled for the intrusion prevention system (IPS) of Cloud Firewall. If so, the evaluation result is Compliant.

Scenarios

When system vulnerabilities are not patched in a timely manner, you can enable virtual patching for the IPS of Cloud Firewall so that Cloud Firewall blocks attacks that target known vulnerabilities. This effectively protects business systems from being compromised.

Risk level

Default risk level: medium.

When you apply this rule, you can change the risk level based on your business requirements.

Compliance evaluation logic

If virtual patching is enabled for the IPS of Cloud Firewall, the evaluation result is Compliant. If Cloud Firewall is used but virtual patching is disabled, the evaluation result is Non-compliant.

After you enable the virtual patching feature, Cloud Firewall protects your assets against common high-risk vulnerabilities and urgent vulnerabilities in real time. The feature provides hot patches at the network layer for high-risk and urgent vulnerabilities that can be remotely exploited. This helps intercept vulnerability exploits in real time and prevents business interruption while the vulnerabilities are being fixed.

Rule details

| Parameter | Description |
| --- | --- |
| Rule template name | cfw-ips-patchrules-on |
| Rule template identifier | cfw-ips-patchrules-on |
| Automatic remediation | ACS-Cloudfw-ModifyIPSConfig supported |
| Trigger type | Periodic: Every 24 hours |
| Supported resource type | ACS::::Account |
| Input parameter | None |

Non-compliance remediation

For more information, see IPS configuration.