Ips Quarantine Settings In The Threat Analyzer - McAfee M-1250 - Network Security Platform Configuration Manual
Ips configuration guide version 5.1
Hide thumbs
Also See for M-1250 - Network Security Platform:
- Upgrade manual (58 pages) ,
- Deployment manual (36 pages) ,
- Manual (32 pages)
Table of Contents
Advertisement
McAfee® Network Security Platform 5.1
5
6
7
8
9
Note:
Sensor port settings for IPS quarantine. (on page 211)
Summary of Admin Domain configurations for IPS Quarantine
The Summary of IPS Quarantine configurations for the admin domain can be viewed from
IPS Settings > IPS Quarantine > Summary
Settings > IPS Quarantine
The following configuration details can be viewed in
•
•
•
•
•
IPS Quarantine settings in the Threat Analyzer
From the Real-time Threat Analyzer, you can add hosts for IPS Quarantine, and view
summary of IPS Quarantine of hosts.
•
Enable quarantine of hosts, but disable remediation (or re-direction of HTTP
requests)
•
Disable IPS Quarantine- when you choose this option, remediation is
automatically disabled.
Enabling HTTP traffic redirection: When you enable this configuration, the HTTP
b.
traffic from the host is re-directed to a Remediation Portal. For more information,
see Configuring the remediation portal.
Choose the required Network Access Zone definition in
information on network access zones, see Adding Network Access Zones for IPS
Quarantine (on page 116).
Quarantine Duration
Set the
, which represents the time interval for which the host is
quarantined. Default value is 5 minutes.
Next
Select
, to go to the next page of the IPS Quarantine Configuration Wizard.
NAC Exclusions
The
page is displayed.
If required, configure the NAC Exclusions List. The Sensor does not quarantine the
hosts in this list.
For details on how to use the NAC Exclusions List, see Configuring NAC
NAC Configuration Guide
Exclusions,
For information on how to add, edit, and delete items in the NAC Exclusions List,
see Managing items in the NAC Exclusion List,
If you have a long list of items to be added to the NAC Exclusions List, consider
importing them from a file. For information, see Importing NAC Exclusions from a
NAC Configuration Guide
file,
To save the IPS Quarantine configuration, select
message that the Sensor(s) need to be updated. Select the required option to if you
want to update the Sensor(s).
For enabling IPS Quarantine in the individual Sensor monitoring ports, see
.
Configuration of network objects for IPS Quarantine
Configuration of Network Access Zones for IPS Quarantine
Syslog forwarding configuration
Remediation Portal configuration
IPS Settings which display the configurations using the IPS Quarantine Configuration
Wizard including NAC Exclusions
.
NAC Configuration Guide
.
Finish
. This is the default page displayed when you select
Summary
123
Managing IPS settings
IPS Quarantine NAZ
. For more
.
. The wizard displays a
page:
IPS
Advertisement
Table of Contents
