Event: Configuration package too large

The event message "Configuration package too large" appears after applying a change to a policy. This is usually due to having too many intrusion prevention rules manually assigned to a policy.

To resolve this issue, you need to unassign the manually assigned intrusion prevention rules and run a recommendation scan on the computer and then apply the recommended rules only.

1. In the Deep Security Manager, on the Computers tab, locate the computer with the error message.
2. Double-click the computer to open the Computer editor.
3. On the general tab, next to Policy, click Edit to edit the policy.
4. On the left, click Intrusion Prevention.
5. In the Assigned Intrusion Prevention Rules area, click Assign/Unassign.
6. Set the filter for IPS Rules: All, Assigned, and No Grouping.
7. For each page, right-click Select All (refer to the image below) and select Unassign Rule(s).

Create a new policy for the computer based on a recommendation scan

1. Back in the Computer editor, on the left click Intrusion Prevention and on the General tab select Clear Recommendations.
2. Select Scan For Recommendations.
3. When the scan is completed, go to the Policies page.
4. Click New to display the New Policy wizard.
5. Follow the steps in the wizard. When prompted, select Base this Policy on an existing Computer's current configuration.
6. On the Select which Computer properties to base the new Policy on: select the following:
   • Recommended Application Types and Intrusion Prevention Rules
   • Recommended Integrity Monitoring Rules
   • Recommended Log Inspection Rule
   
   The policy will consist of recommended rules only, regardless of what other rules are currently assigned to that computer.
7. After reviewing the policy and updating as appropriate, apply the new policy to the computer. (Go to the Computer editor page and select the new policy from the Policy.)