Configuring Intrusion Detection and Prevention Devices Guide
Table 33: Network Honeypot Rulebase Rule Properties (continued)

| Option | Function | Your Action |
| --- | --- | --- |
| VLAN Tag | Specifies that you can configure a rule to only apply to messages in certain VLANs. | Set a value by selecting any of the following options: Any—This rule is applied to messages in any VLAN and to messages without a VLAN tag. None—This rule is applied only to messages that do not have a VLAN tag. Select VLAN Tags—This rule specifies which VLAN tags the rule applies to. |
| Severity | Specifies if you can override the inherent attack severity on a per-rule basis within the IDP rulebase. | Set the severity to Default, Info, Warning, Minor, Major, or Critical. NOTE: This column only appears when you view the Security Policy in Expanded Mode. |
| Install On | Specifies the security devices or templates that receive and use this rule. | Select the target security device. NOTE: You can also select multiple security devices on which to install the rule. |
| Comments | Specifies any miscellaneous comment about the rule's purpose. | Enter any additional comments about the rule. |

NOTE: The IDP drops MPLS traffic that matches a Network Honeypot rule. When the IDP engine processes MPLS traffic, it stores the MPLS label information. It stores separate labels for client-to-server and server-to-client communication. In the case of traffic that matches Network Honeypot rules, there is no genuine server-to-client communication, so the IDP engine does not have server-to-client MPLS label information. Therefore, the impersonation operation is not supported.

For more information, see the IDP Concepts & Examples guide.

Related Topics

Intrusion Detection and Prevention Devices and Security Policies Overview on page 31
Modifying IDP Rulebase Rules (NSM Procedure) on page 36
Assigning a Security Policy in an Intrusion Detection and Prevention Device (NSM Procedure) on page 117
Validating a Security Policy (NSM Procedure) on page 118
Copyright © 2010, Juniper Networks, Inc.