How to temporarily disable an IPS policy on Symantec Critical System Protection and Symantec Data Center Security (SCSP DCS)
Last Updated March 03, 2016
This document explains how to use the Policy Override tool in Symantec Critical System Protection and Data Center Security to disable intrusion prevention in the Prevention policy for an Agent on the Windows platform.
If the Policy Override Option is enabled in the Prevention policy, you can use the Policy Override tool at the Agent computer to override the Prevention policy. When you override the Prevention policy, intrusion prevention is disabled for that Agent.
To use the Policy Override tool to disable intrusion prevention
On the Start menu, click Programs > Symantec Critical System Protection > Policy Monitor or Programs > Symantec Data Center Security Server > Policy Monitor. This step displays the Monitor icon, which looks like a shield.
On the Windows taskbar, right-click the Monitor icon, and then click Policy Override Tool.
In the "Automatically enable after" list, select a time. At the time that you select, Symantec Critical System Protection will automatically re-enable the policy.
In the text box that is under the picture of an alphanumeric code number, type the code number that you see in the picture.
Click Disable. Symantec Critical System Protection now disables the Prevention policy. This action disables intrusion prevention for the Agent.
If you need to re-enable the policy and intrusion prevention before the time that you selected in step 3, repeat the previous steps. When you repeat the steps, click Enable in step 5 rather than Disable.
Imported Document ID: TECH112923
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe