Table of Contents
Advertisement
Configuring Intrusion Detection and Prevention Devices Guide
Table 47: IDP Device Configuration: Anti-Spoof Settings (continued)
Setting
Action
Network Objects
Related Topics
Example: Applying Antispoof to a Web Server and Database Server (NSM Procedure)
84
Description
Specify the action for the IDP device to take: None or Drop Packet.
Browse and select the address objects you associate with the selected interface.
Configuring Additional Intrusion Detection and Prevention Features Overview on page 111
Adding Intrusion Detection and Prevention Devices in NSM Overview on page 8
NSM and Intrusion Detection and Prevention Device Management Overview on page 5
To apply antispoof settings to a Web server and a database server:
Add your Web server and database server to the list of address objects.
1.
Connect the Web server to the Sensor through eth2. Connect the database server
2.
to the Sensor through eth4.
Open the device in Device Manager.
3.
Click Anti-Spoof Settings.
4.
Click New to add a new entry to the antispoof table. In the dialog box that opens,
5.
configure the following settings:
a.
Select eth4 as the forwarding interface for the database server.
b.
Check both the Logging and Alert check boxes because your database server is
important.
c.
Select None from the Action list.
d.
Select your database server from the list of address objects.
e.
Click OK.
f.
Click New again to add your Web server.
g.
Select eth2 as the interface.
h.
Select the Logging check box.
i.
Select the Check other interfaces check box.
If this check box is selected, the sensor compares each IP address to the list of
addresses known to be assigned to other interfaces. In other words, if the database
server IP address appears at this interface, you want the sensor to let you know.
j.
Select None from the Action list. You just want to log this event.
k.
Select the Web server as the address object assigned to this interface.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Troubleshooting
