Nokia Intrusion Prevention Quick Setup Manual page 19

10
Configure the Detection Engines
At this point, your Sourcefire 3D Sensor on Nokia is set up in the following default
configuration:
- All the available network interfaces, excluding the management interface, are
  combined in a single passive interface set. (To be considered available, an interface
  must be administratively disabled.)
- A single IPS detection engine is created, which uses the default passive interface set.
If the default configuration of your sensor matches your deployment needs, you can
start receiving events from the sensor as soon as you apply a passive IPS policy to
your detection engine.
From the Defense Center, you can select Policy & Response > IPS > Detection &
Prevention to create and apply a passive IPS policy. For more information, see
"Creating Intrusion Policies" in the Sourcefire 3D System for Nokia User Guide.
Changing the Default Configuration
Your deployment might require a different configuration from the default configuration.
For example, you might be deploying your sensor inline with fail open interfaces, which
would require creating an inline with fail open interface set. Or you might want to also
run RNA or RUA over the default passive interface set.
To change the default configuration, you can:
- Edit the default interface set and create new interface sets.
  By removing interfaces from the default interface set, you make those interfaces
  available for inclusion in other interface sets that you create—for example, an inline
  interface set. The new interface set can then be assigned to the default detection
  engine or to a new detection engine that you create.
  To begin configuring interface sets, select Operations > Configuration > Detection
  Engines > Interface Sets.
- Edit the existing default detection engine or create a new detection engine.
  For example, if you are deploying your sensor inline, you can edit the IPS default
  detection engine to use an inline interface set, rather than the default passive
  interface set. Or you can create a new detection engine to run RNA or RUA.
  To begin editing or creating detection engines, select Operations > Configuration >
  Detection Engines > Detection Engines.
Nokia Intrusion Prevention with Sourcefire Appliance Quick Setup Guide