Configuring Traffic Anomalies Rulebase Rules (NSM Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Configuring intrusion detection and prevention devices guide

Copyright © 2010, Juniper Networks, Inc.
Chapter 4: Configuring Security Policies

Table 31: SYN Protector Rulebase Rule Properties (continued)

Option: VLAN Tag
Function: Specifies that you can configure a rule to only apply to messages in certain VLANs.
Your Action: Set a value by selecting any of the following options:
  Any—This rule is applied to messages in any VLAN and to messages without a VLAN tag.
  None—This rule is applied only to messages that do not have a VLAN tag.
  Select VLAN Tags—This rule specifies which VLAN tags the rule applies to.

Option: Severity
Function: Specifies if you can override the inherent attack severity on a per-rule basis within the IDP rulebase.
Your Action: Set the severity to Default, Info, Warning, Minor, Major, or Critical.
  NOTE: This column only appears when you view the Security Policy in Expanded Mode.

Option: Install On
Function: Specifies the security devices or templates that receive and use this rule.
Your Action: Select the target security device.
  NOTE: You can also select multiple security devices on which to install the rule.

Option: Comments
Function: Specifies any miscellaneous comment about the rule's purpose.
Your Action: Enter any additional comments about the rule.

For more information, see the IDP Concepts & Examples guide.

Related Topics

Intrusion Detection and Prevention Devices and Security Policies Overview on page 31
Modifying IDP Rulebase Rules (NSM Procedure) on page 36
Configuring Traffic Anomalies Rulebase Rules (NSM Procedure) on page 51
Assigning a Security Policy in an Intrusion Detection and Prevention Device (NSM Procedure) on page 117

Configuring Traffic Anomalies Rulebase Rules (NSM Procedure)

The traffic anomalies rulebase employs a traffic flow analysis method to detect attacks that occur over multiple connections and sessions (such as scans).

To configure a traffic anomalies rulebase rule:

1. In the NSM navigation tree, select Policy Manager > Security Policies.
2. Select and double-click the security policy to which you want to add the traffic anomalies rulebase rule.

This manual is also suitable for:

Network and security manager 2010.3
