Bewerken

Delen via


New-AzFirewallPolicyIntrusionDetection

Creates a new Azure Firewall Policy Intrusion Detection to associate with Firewall Policy

Syntax

New-AzFirewallPolicyIntrusionDetection
   -Mode <String>
   [-Profile <String>]
   [-SignatureOverride <PSAzureFirewallPolicyIntrusionDetectionSignatureOverride[]>]
   [-BypassTraffic <PSAzureFirewallPolicyIntrusionDetectionBypassTrafficSetting[]>]
   [-PrivateRange <String[]>]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The New-AzFirewallPolicyIntrusionDetection cmdlet creates an Azure Firewall Policy Intrusion Detection Object.

Examples

Example 1: Create intrusion detection with mode

New-AzFirewallPolicyIntrusionDetection -Mode "Alert"

This example creates intrusion detection with Alert (detection) mode

Example 2: Create intrusion detection with signature overrides

$signatureOverride = New-AzFirewallPolicyIntrusionDetectionSignatureOverride -Id "123456798" -Mode "Deny"
New-AzFirewallPolicyIntrusionDetection -Mode "Alert" -SignatureOverride $signatureOverride

This example creates intrusion detection with specific signature override

Example 3: Create firewall policy with intrusion detection configured with bypass traffic setting

$bypass = New-AzFirewallPolicyIntrusionDetectionBypassTraffic -Name "bypass-setting" -Protocol "TCP" -DestinationPort "80" -SourceAddress "10.0.0.0" -DestinationAddress "10.0.0.0"
$intrusionDetection = New-AzFirewallPolicyIntrusionDetection -Mode "Deny" -BypassTraffic $bypass
New-AzFirewallPolicy -Name fp1 -Location "westus2" -ResourceGroupName TestRg -SkuTier "Premium" -IntrusionDetection $intrusionDetection

This example creates intrusion detection with bypass traffic setting

Example 4: Create firewall policy with intrusion detection configured with private ranges setting

$intrusionDetection = New-AzFirewallPolicyIntrusionDetection -Mode "Deny" -PrivateRange @("167.220.204.0/24", "167.221.205.101/32")
New-AzFirewallPolicy -Name fp1 -Location "westus2" -ResourceGroupName TestRg -SkuTier "Premium" -IntrusionDetection $intrusionDetection

This example creates intrusion detection with bypass traffic setting

Example 5: Create firewall policy with intrusion detection profile setting

$intrusionDetection = New-AzFirewallPolicyIntrusionDetection -Mode "Deny" -Profile �Advanced�
New-AzFirewallPolicy -Name fp1 -Location "westus2" -ResourceGroupName TestRg -SkuTier "Premium" -IntrusionDetection $intrusionDetection

This example creates intrusion detection with Alert and Deny mode and Advanced signatures Profile.

Parameters

-BypassTraffic

List of rules for traffic to bypass.

Type:PSAzureFirewallPolicyIntrusionDetectionBypassTrafficSetting[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Mode

Intrusion Detection general state.

Type:String
Accepted values:Off, Alert, Deny
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-PrivateRange

List of IDPS Private IP ranges.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Profile

Sets IDPS signatures profile.

Type:String
Position:Named
Default value:For newly created policy the default IDPS profile is �Standard� and for existing policy without IDPS profile setting, the default is �Advanced�
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-SignatureOverride

List of specific signatures states.

Type:PSAzureFirewallPolicyIntrusionDetectionSignatureOverride[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

None

Outputs

PSAzureFirewallPolicyIntrusionDetection