1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Software
  5. NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE...
  6. Manual

Configuring Router Parameters (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Configuring intrusion detection and prevention devices guide
Hide thumbs
Table of Contents

Advertisement

Configuring Intrusion Detection and Prevention Devices Guide
Table 49: IDP Device Configuration: Run-Time Parameters (continued)
Setting
Traffic Signatures
Related Topics

Configuring Router Parameters (NSM Procedure)

94
Description
Byte threshold for suspicious flows–Specifies a threshold for what IDP considers a small packet.
A scan typically uses small packets to access its targets. You can exclude suspicious flows that
contain large packets to prevent false positives when detecting scans.
If IDP sees more than this maximum, it does not consider the connection to be a scan. The default
is 20 bytes.
Reporting frequency when scan is in progress –Controls how often IDP generates "in progress"
logs for a stealthy scan.
Attackers can perform blatant scans very quickly, mapping your network in just a few seconds, but
these scans typically trigger IDSes and leave evidence behind. Stealthy scans are performed over
much longer time periods, lasting hours, days, or even weeks, making them more difficult to detect.
The default is 30 seconds.
The number of IP tracked for session rate –Controls the number of IP addresses tracked by the
session rate counter. If IDP sees more addresses than the maximum, it does not track the additional
IP addresses.The default is 32,767 IP addresses.
Updating the IDP Detector Engine (NSM Procedure) on page 76
Configuring SYN Protector Rulebase Rules (NSM Procedure) on page 49
Configuring Router Parameters (NSM Procedure) on page 94
Router parameters control how the security module handles address resolution protocol
(ARP) requests/replies and media access control (MAC) address issues. These settings
apply to proxy-ARP and bridge mode deployments. These options control packet handling
for specific protocols. Use these options to control IDP Sensor routing, if applicable.
To configure router parameters:
In NSM Device Manager, double-click the IDP device for which you want to configure
1.
router parameters. The device configuration editor appears.
Click Sensor Settings.
2.
Click the Router Parameters tab.
3.
Configure the router parameters using Table 50 on page 95.
4.
Click Apply.
5.
Click OK.
6.
Copyright © 2010, Juniper Networks, Inc.

Advertisement

Table of Contents
loading

Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1

Related Content for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1

This manual is also suitable for:

Network and security manager 2010.3

Table of Contents