ZyXEL Communications NXC5200 User Manual page 313
Hide thumbs
Also See for NXC5200:
- Specifications (6 pages) ,
- Specifications (4 pages) ,
- Quick start manual (136 pages)
Table of Contents
Advertisement
Table 115 Configuration > Anti-X > IDP > Profile > Add/Edit Profile (continued)
LABEL
Action
#
Status
Service
Message
SID
Severity
Policy Type
NXC5200 User's Guide
DESCRIPTION
To edit what action the NXC takes when a packet matches a signature,
select the signature and use the Action icon.
none: Select this action on an individual signature or a complete service
group to have the NXC take no action when a packet matches the
signature(s).
drop: Select this action on an individual signature or a complete service
group to have the NXC silently drop a packet that matches the
signature(s). Neither sender nor receiver are notified.
reject-sender: Select this action on an individual signature or a complete
service group to have the NXC send a reset to the sender when a packet
matches the signature. If it is a TCP attack packet, the NXC will send a
packet with a 'RST' flag. If it is an ICMP or UDP attack packet, the NXC will
send an ICMP unreachable packet.
reject-receiver: Select this action on an individual signature or a
complete service group to have the NXC send a reset to the receiver when
a packet matches the signature. If it is a TCP attack packet, the NXC will
send a packet with an a 'RST' flag. If it is an ICMP or UDP attack packet,
the NXC will do nothing.
reject-both: Select this action on an individual signature or a complete
service group to have the NXC send a reset to both the sender and
receiver when a packet matches the signature. If it is a TCP attack packet,
the NXC will send a packet with a 'RST' flag to the receiver and sender. If
it is an ICMP or UDP attack packet, the NXC will send an ICMP unreachable
packet.
This is the entry's index number in the list.
The activate (light bulb) icon is lit when the entry is active and dimmed
when the entry is inactive.
Click the + sign next to a service group to expand it. A service group is a
group of related IDP signatures.
This is the name of the signature.
This is the signature ID (identification) number that uniquely identifies a
NXC signature.
These are the severities as defined in the NXC. The number in brackets is
the number you use if using commands.
Severe (5): These denote attacks that try to run arbitrary code or gain
system privileges.
High (4): These denote known serious vulnerabilities or attacks that are
probably not false alarms.
Medium (3): These denote medium threats, access control attacks or
attacks that could be false alarms.
Low (2): These denote mild threats or attacks that could be false alarms.
Very Low (1): These denote possible attacks caused by traffic such as
Ping, trace route, ICMP queries etc.
This is the attack type as defined on the NXC.
Chapter 21 IDP
313
Advertisement
Table of Contents
Troubleshooting
