Why aren most of Intrusion Preventions rules blocked by default?
Because most of the rules can block non-malicious traffic in addition to malicious exploits. To make things easy for you, Untangle evaluated each rule and numerous networks, and determined the appropriate default settings for each rule using the following criteria: • If the rule is always known to block malicious exploits, Intrusion Prevention blocks and logs this rule by default. • If the rule is sometimes known to block malicious exploits, Intrusion Prevention logs this rule by default. • If the rule is never known to block malicious exploits, Intrusion Prevention neither blocks nor logs this rule by default. To change the defaults, go to Blocking or Logging using Intrusion Prevention Rules.