I imagine it is included in the backup but it’s probably not something you can easily extract.

You can use show configuration command and filter for IPS with grep, but the syntax is not perfect to load it back, so you will probably need to do some tweaking like removing unnecessary double-quotes and dashes.

The process of using show configuration for config transfer is elaborated here: Configuration transfer between different SMB models

Really, ips settings are the largest part here (6860 lines from 7928), apart from global and special settings consisting of:

# IPS topic view
set threat-prevention ips protection-action-override protection-code "8161769329" override-policy-action "false"

Whole IPS config part is stretching from

# IPS engine settings

to

# IPv6 enforcment settings

There maybe another possibility available if we look where the IPS details are stored - the folder /storage/ips includes:

- a file /storage/ips/cmi_loader_sig_ids.conf

- a folder "update" containing:

    two config folders, 0 and 1, with two links pointing to them called cur (current) and old

    file /storage/ips/update/Version.tmp

    file /storage/ips/update/Version

    file /storage/ips/update/next_update

    file /storage/ips/update/ips_status.C

and the SQL database file /storage/ips/update/ips.db

ips.db can be opened using open source tool as DB Browser for SQLite.

Thank you for these pointers. I'll give this a try and post back.