Validating A Security Policy (Nsm Procedure); Troubleshooting Security Policy Validation Errors (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Configuring Intrusion Detection and Prevention Devices Guide

Validating a Security Policy (NSM Procedure)

Validating a security policy can identify potential problems before you install it.

To validate a security policy:

1. In the navigation tree, select Device Manager. The Device Manager appears.
2. Select Validate > Validate IDP Policy and select the device. A Job Manager window displays job information and progress.
3. Click OK.

For more information, see either the IDP Concepts & Examples Guide or the Network and Security Manager Administration Guide.

Related Topics

Intrusion Detection and Prevention Devices and Security Policies Overview on page 31
Assigning a Security Policy in an Intrusion Detection and Prevention Device (NSM Procedure) on page 117
Troubleshooting Security Policy Validation Errors (NSM Procedure) on page 118

Troubleshooting Security Policy Validation Errors (NSM Procedure)

Problem

If NSM identifies a problem in the policy during policy validation, it displays information about the problem at the bottom of the selected rulebase. For example, if you included a non-IDP-capable security device in the Install On column of an IDP rule, policy validation displays an error message. You can review those errors and troubleshoot them.

Table 52 on page 118 describes security policy validation errors and how to resolve them.

Table 52: Troubleshooting: Security Policy Validation Errors

Error: Rule Duplication
Description: Rule appears more than once.
To resolve this problem, delete the duplicate.

Error: Rule Shadowing
Description: Rule shadowing occurs when two rules are designed to detect the same attack, and the first rule is either a terminal match rule or contains a more severe action than the second rule. In these cases, the second rule will never be applied.
To resolve this problem, modify or delete one of the rules.

Error: Protocol Mismatches
Description: Protocol mismatches occur when a service object that is specified in the Service column of the security policy uses a different protocol from that specified by the default service binding of the attack object for that rule. Remember that the service binding specifies the service and port that the attack uses. Because two different protocols are specified, IDP cannot match attacks for the attack object.
To resolve this problem, set Service to Default.
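As an added example (not part of the Juniper manual or of NSM itself), the following Python script applies the three checks in Table 52 to a small constructed rulebase so you can see why each error is reported. The action-severity ordering, the attack object, the service objects and the rules are assumptions made for illustration, not NSM's own data.

```python
from dataclasses import dataclass

# Assumed severity ordering of IDP actions (constructed for this example).
ACTION_SEVERITY = {"none": 0, "drop-packet": 1, "drop-connection": 2,
                   "close-client-and-server": 3}
# Constructed attack object: name -> protocol of its default service binding.
ATTACK_BINDING = {"HTTP:EXAMPLE-OVERFLOW": "tcp"}
# Constructed service objects: name -> protocol; Default defers to the attack's binding.
SERVICE_PROTOCOL = {"Default": None, "HTTP": "tcp", "SNMP": "udp"}


@dataclass(frozen=True)
class Rule:
    src: str
    dst: str
    service: str
    attacks: frozenset
    action: str
    terminal: bool = False


def validate(rules):
    errors = []
    for i, rule in enumerate(rules):
        # Rule Duplication: an identical rule already appears earlier in the rulebase.
        if rule in rules[:i]:
            errors.append(f"rule {i + 1}: Rule Duplication of rule {rules.index(rule) + 1}; delete the duplicate")
            continue
        # Rule Shadowing: an earlier rule on the same traffic covers these attacks and is terminal or more severe.
        for j, earlier in enumerate(rules[:i]):
            same_traffic = (earlier.src, earlier.dst, earlier.service) == (rule.src, rule.dst, rule.service)
            wins = earlier.terminal or ACTION_SEVERITY[earlier.action] > ACTION_SEVERITY[rule.action]
            if same_traffic and earlier.attacks >= rule.attacks and wins:
                errors.append(f"rule {i + 1}: Rule Shadowing by rule {j + 1}; modify or delete one of the rules")
                break
        # Protocol Mismatch: an explicit Service object disagrees with the attack object's default binding.
        proto = SERVICE_PROTOCOL[rule.service]
        for attack in sorted(rule.attacks):
            if proto is not None and ATTACK_BINDING[attack] != proto:
                errors.append(f"rule {i + 1}: Protocol Mismatch ({rule.service} is {proto}, "
                              f"{attack} binds {ATTACK_BINDING[attack]}); set Service to Default")
    return errors


# Constructed rulebase that triggers each error once.
OVERFLOW = frozenset({"HTTP:EXAMPLE-OVERFLOW"})
RULES = [
    Rule("any", "any", "Default", OVERFLOW, "drop-connection", terminal=True),
    Rule("any", "any", "Default", OVERFLOW, "none"),        # shadowed by terminal rule 1
    Rule("any", "any", "SNMP", OVERFLOW, "drop-packet"),    # SNMP (udp) vs tcp binding
    Rule("any", "any", "SNMP", OVERFLOW, "drop-packet"),    # duplicate of rule 3
]
```

Running `validate(RULES)` reports rule 2 as shadowed, rule 3 as a protocol mismatch and rule 4 as a duplicate; a less severe, non-terminal first rule does not shadow a later one.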
Copyright © 2010, Juniper Networks, Inc.