IDS C
ONFIGURATION
This section lists the step-by-step instructions to be followed while configuring
IDS.
Step 1: Configure rule using match-list for any packet that matches classification.
(Refer to the chapter on
Step 2: Enter Firewall Configuration Mode.
Step 3: Configure intrusion sensor. See
Step 4: Optional configuration commands.
•
•
•
•
•
•
•
Step 5: Configure Firewall Policy.
(For a detailed information on firewall, refer
Step 6: Attach the configured intrusion sensors to the firewall policy. See
Create a Intrusion Rule Inside a Firewall Policy"
CLI Configuration Guide
Beta
S
TEPS
"Common Classifiers"
ALU(config)# firewall
ALU(config-firewall)#
Update Snort Rule. See
Rollback Snort Rule Database. See
Manually Rebuild Signature Database. See
Signature Database"
Modifying Snort Rule for detecting intrusion. See
Detection"
Enable/Disable Snort Rule. See
Modify Snort Rule. See
Prevent Snort Rule Modification. See
ALU(config)# policy <name>
ALU(config-firewall-policy<name>)#
Example:
ALU(config-firewall)# policy P1
ALU(config-firewall-policy-P1)#
Alcatel-Lucent
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
in this document.)
"To Configure an IDS Sensor"
"To Update Snort Rule"
"To Rollback Snort Rule Database"
"To Manually Rebuild
"To Enable/Disable Snort Rule"
"To Modify Snort Rule"
"To Modify Group Level Prevention"
"Filter and Firewall"
IDS Configuration
"To Modify Group Level
chapter.)
"To
819
Beta