Configuring Exempt Rulebase Rules (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Configuring Exempt Rulebase Rules (NSM Procedure)

Copyright © 2010, Juniper Networks, Inc.
The exempt rulebase contains rules that prevent rules in the Intrusion Detection and
Prevention (IDP) rulebase from matching specific source or destination pairs for specific
attack objects.
The exempt rulebase works in conjunction with the IDP rulebase. Before you can create
exempt rules, you must first create rules in the IDP rulebase. If traffic matches a rule in
the IDP rulebase, the IDP sensor attempts to match the traffic against the exempt rulebase
before performing the specified action or creating a log record for the event.
NOTE: The exempt rulebase is a non-terminal rulebase. The IDP device checks all rules
in the exempt rulebase and executes all matches.
To configure an exempt rulebase rule:
1. In the NSM navigation tree, select Policy Manager > Security Policies.
2. Select and double-click the security policy for which you want to add an exempt rulebase rule.
3. Click New in the upper right corner of the policy viewer and select Add Exempt Rulebase.
4. Click the New button within the rules viewer to add a rule.
5. Modify the property of the rule by right-clicking the table cell for the property and making your modifications.
6. Configure or modify the rule using the settings described in Table 29 on page 45.
Chapter 4: Configuring Security Policies

Table 29: Exempt Rulebase Rule Properties

| Option | Function | Your Action |
|---|---|---|
| No | Specifies if you want to add, delete, copy, or reorder rules. | Right-click the table cell for the rule number and make your required modifications. |
| Match > From Zone | Specifies the zone from where the source sends traffic. | Select one or more zones for the source zone, or you can specify any for all source zones. NOTE: The selected zone must be available on the security device specified in the Install On column. |
| Match > Source | Specifies the address object that is the source of the traffic. | Select any to monitor network traffic originating from any IP address. NOTE: You can also negate one or more address objects to specify all sources except the excluded object. |
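The following Python sketch is an added example, not Juniper code or an NSM export format. It models the evaluation order described above: an IDP rulebase match is checked against every exempt rule (non-terminal) before any action or log record. It assumes a simplified rule with only the From Zone, Source (with negation) and attack object properties; the class, function names, addresses and attack object names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = "any"

@dataclass
class ExemptRule:                      # hypothetical model of one exempt rule
    no: int
    from_zone: object = ANY            # "any" or a set of zone names
    source: object = ANY               # "any" or a list of CIDR strings
    negate_source: bool = False        # all sources except the listed objects
    attacks: frozenset = frozenset()   # attack objects this rule exempts

    def matches(self, zone, src_ip, attack):
        if attack not in self.attacks:
            return False
        if self.from_zone != ANY and zone not in self.from_zone:
            return False
        if self.source == ANY:
            return True
        listed = any(ip_address(src_ip) in ip_network(n) for n in self.source)
        return listed != self.negate_source

def exempting_rules(rules, zone, src_ip, attack):
    """Non-terminal evaluation: check every rule and return all that match."""
    return [r.no for r in rules if r.matches(zone, src_ip, attack)]

def handle_idp_match(rules, zone, src_ip, attack):
    """Run only after an IDP rulebase rule has already matched the traffic."""
    hits = exempting_rules(rules, zone, src_ip, attack)
    # Model assumption: an exempted match gets neither the action nor a log.
    return ("exempt", hits) if hits else ("action_and_log", [])

# Constructed sample rulebase; attack object names are placeholders.
RULES = [
    ExemptRule(1, {"trust"}, ["10.1.5.0/24"], False,
               frozenset({"SCAN:EXAMPLE-SWEEP"})),
    ExemptRule(2, ANY, ["10.1.5.10/32"], True,
               frozenset({"HTTP:EXAMPLE-PROBE"})),
    ExemptRule(3, ANY, ANY, False, frozenset({"SCAN:EXAMPLE-SWEEP"})),
]

if __name__ == "__main__":
    print(handle_idp_match(RULES, "trust", "10.1.5.7", "SCAN:EXAMPLE-SWEEP"))
    print(handle_idp_match(RULES, "trust", "10.1.5.10", "HTTP:EXAMPLE-PROBE"))
```

Rule 3 in the sample shows why broad exemptions deserve review: with any zone and any source, it suppresses that attack object for all traffic, regardless of the narrower rule 1.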