Checks whether virtual patching is enabled for the intrusion prevention system (IPS) of Cloud Firewall. If virtual patching is enabled, the evaluation result is Compliant.
Scenarios
If system vulnerabilities cannot be patched promptly, you can enable virtual patching for the IPS of Cloud Firewall to block attacks that exploit known vulnerabilities and protect your business systems from being compromised.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
If virtual patching is enabled for the IPS of Cloud Firewall, the evaluation result is Compliant. With virtual patching enabled, Cloud Firewall provides real-time protection against common high-risk and urgent vulnerabilities that can be remotely exploited, by applying hot patches at the network layer. This intercepts vulnerability exploits in real time and prevents business interruption while vulnerabilities are being fixed. If Cloud Firewall is in use but virtual patching is disabled, the evaluation result is Non-compliant.
Rule details
|
Parameter |
Description |
|
Rule template name |
cfw-ips-patchrules-on |
|
Rule template identifier |
|
|
Automatic remediation |
ACS-Cloudfw-ModifyIPSConfig supported |
|
Trigger type |
Periodic: Every 24 hours |
|
Supported resource type |
ACS::::Account |
|
Input parameter |
None |
Non-compliance remediation
For more information, see IPS configuration.