This article will outline the process to override prevention using the sisipsoverride tool on Data Center Security (DCS) Linux Agents
Prerequisite: A user or group MUST be specified in the Policy Override section of the IPS policy being implemented on the agent
1. Login as a valid user to override the IPS policy (specified in the Policy Override section of the IPS policy)
2. Navigate to /opt/Symantec/sdcssagent/IPS
3. Run ./sisipsoverride.sh
4. Input the user's password for verification
5. Specify the amount of time to override prevention
6. Enter a comment for the override (optional)
To re-enable prevention or extend the time for override, you may do the following:
1. Run ./sisipsoverride.sh
2. Choose option 1 to enable prevention, or option 2 to extend the override time