Forum Discussion
nathe
Oct 14, 2013Cirrocumulus
Yes, under Application Security, Policy, Policy, Properties there is a "Staging-Tightening Period" you can set. This defines the period in which any newly added signatures are placed in staging so, if triggered, just logs and doesn't block (even if policy mode is blocking). At the end of this period you can then enforce those sigs that haven't been triggered and/or make exceptions to any false positives that may have occurred on these new sigs (Policy Building - manual - Staging/tightening summary).
Also, you can choose to put updated sigs also in staging (check box when you do the update).
Hope this helps,
N