Ids Configuration Scenario Using Oa-700; Configuration Steps; Show Commands - Alcatel-Lucent OmniAccess 700 Cli Configuration Manual

IDS C
ONFIGURATION
The step-by-step procedure to configure IDS using the OA-700 is given below.
C S
ONFIGURATION TEPS
Q S
UICK TEPS
1. Create match-list.
2. Create intrusion sensor.
3. Create firewall policy.
4. Attach match-list and intrusion sensor to the firewall policy.
5. Attach firewall policy to an interface.
D S
ETAILED
Step 1: Configure rule using match-list for any packet that matches classification.
ALU(config)#match-list m1
ALU(config-match-list-m1)#ip any any
ALU(config-match-list-m1)#exit
Step 2: Create an intrusion sensor.
ALU(config)#firewall
ALU(config-firewall)#intrusion sensor ids1 snort
ALU(config-intrusion-sensor-ids1)#exit
Step 3: Create a firewall policy.
ALU(config)#firewall
ALU(config-firewall)#policy p1
ALU(config-firewall-p1)#
Step 4: Attach match-list and intrusion sensor to the firewall policy and specify the
action (detection or prevention).
ALU(config-firewall-p1)#match m1 intrusion ids1 prevention
Step 5: Apply the firewall policy to ingress of WAN interface.
ALU(config)#interface GigabitEthernet 7/1
ALU(config-if GigabitEthernet7/1)#firewall policy in p1
ALU(config-if GigabitEthernet7/1)#exit
S C
HOW OMMANDS
1. To check firewall policy with IDS sensor information
ALU#show firewall policy p1
ALU#show firewall intrusion sensor ids1
2. To verify firewall intrusion statistics and counters when device detects the
intrusion
ALU#show firewall intrusion snort statistics
CLI Configuration Guide
Beta
S
CENARIO
TEPS
Alcatel-Lucent
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)

IDS Configuration Scenario Using OA-700

U OA-700
SING
835
Beta