Creating a Signature Override
You can configure exceptions for Intrusion Prevention System (IPS) by creating signature overrides. New overrides only apply to future events and won't affect existing alerts.
To create a signature override:
Go to Settings > Threat Protection > IPS Settings.
Click the Signature Overrides tab.
Click New Override.
In the New Override window:
Signature: Select the signatures you want to inspect in your organization's traffic. You can search for a signature by name or ID.
References: Filter your signature search by Common Vulnerabilities and Exposures (CVE) references.
CVSS Severity: Filter your signature search by the Common Vulnerability Scoring System (CVSS).
Critical
High
Medium
Low
None
Status: Select one of the following options.
Enabled: Enable matching for the signatures.
Disabled: Disable matching for the signatures.
Action: Select one of the following options.
Alert: Allow traffic and send alerts based on the signature match.
Block: Block traffic based on the signature match.
If you enabled Alert Only Mode for signature matching, Alert is the default action, and you can't modify this field.
Click Save.
You can view these events in the Skope IT Alerts page.