Viewing Predefined Attack Objects (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Configuring intrusion detection and prevention devices guide

Copyright © 2010, Juniper Networks, Inc.

Table 35: IDP Detector Engine and NSM Attack Database Update Procedures (continued)

Task: To push predefined attack object updates from the NSM GUI server to IDP devices

Procedure:
1. From the NSM main menu, select Devices > Configuration > Update Device Config.
2. Select the devices that you want to push configuration updates to and to set update job options on.
3. Click OK.

NOTE: Only the attack objects that are used in IDP rules for the device are pushed from the GUI server to the device.

Task: To schedule regular updates

Procedure:
1. Log in to the NSM GUI server command line.
2. Change directory to /usr/netscreen/GuiSvr/utils
3. Create a shell script called attackupdates.sh with the following contents:
   - Set the NSMUSER environment variable with an NSM domain/user pair. The command for setting environment variables depends on your OS. Example:
       export NSMUSER=domain/user
   - Set the NSMPASSWD environment variable with an NSM password. The command for setting environment variables depends on your OS and shell. Example:
       export NSMPASSWD=password
   - Specify a guiSvrCli command string. Example:
       /usr/netscreen/GuiSvr/utils/guiSvrCli.sh --update-attacks --post-action --update-devices --skip
4. Make the script executable by the user associated with the cron job:
       chmod 700 attackupdates.sh
5. Run the crontab editor:
       crontab -e
6. Add an entry for the shell script:
       minutes_after_hour hour * * * /usr/netscreen/GuiSvr/utils/attackupdates.sh

During the update, the guiSvrCli utility updates the attack object database, then performs the post actions. After updating and executing actions, the system generates an exit status code of 0 (no errors) or 1 (errors).
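
The scheduling procedure above puts the NSM password inside attackupdates.sh and does not record the exit status that guiSvrCli returns. As an added example (not from the Juniper manual), this variant of the script reads the same two variables from a separate owner-only file, exposes them only to the guiSvrCli call with the arguments shown above, and logs the 0 or 1 exit status of each run. The CRED_FILE and LOG_FILE paths, the credentials-file format and the extra status 2 are assumptions made for this example.

```shell
#!/bin/sh
# Variant of attackupdates.sh (added example, not Juniper's script).
# Assumptions: CRED_FILE and LOG_FILE are hypothetical paths. CRED_FILE holds
# two shell assignments, NSMUSER='domain/user' and NSMPASSWD='password'.
GUISVRCLI="${GUISVRCLI:-/usr/netscreen/GuiSvr/utils/guiSvrCli.sh}"
CRED_FILE="${CRED_FILE:-/usr/netscreen/GuiSvr/utils/.attackupdates.cred}"
LOG_FILE="${LOG_FILE:-/var/log/attackupdates.log}"
umask 077   # anything this script creates is private to its owner

# True only for a regular file with no group or other permission bits set.
cred_file_is_private() {
    [ -f "$1" ] || return 1
    case "$(ls -ln "$1" | cut -c5-10)" in
        ------) return 0 ;;
        *)      return 1 ;;
    esac
}

# Append one timestamped line per run so failed updates are visible later.
log_result() {
    printf '%s attackupdates status=%s %s\n' \
        "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$1" "$2" >> "$LOG_FILE"
}

# Returns guiSvrCli's exit status (0 = no errors, 1 = errors), or 2 when the
# credentials file is missing or readable by group/other.
run_attack_update() {
    if ! cred_file_is_private "$CRED_FILE"; then
        log_result 2 "credentials file missing or not private"
        return 2
    fi
    status=0
    # Subshell: the credentials exist only in the environment of this one call.
    (
        . "$CRED_FILE"
        export NSMUSER NSMPASSWD
        "$GUISVRCLI" --update-attacks --post-action --update-devices --skip
    ) || status=$?
    if [ "$status" -eq 0 ]; then
        log_result 0 "attack database updated, post actions done"
    else
        log_result "$status" "update or post action failed"
    fi
    return "$status"
}

# Run only when invoked under the name used in the crontab entry.
case "${0##*/}" in
    attackupdates.sh) run_attack_update; exit $? ;;
esac
```

Create the credentials file with chmod 600 under the account that owns the cron job. The chmod 700 step and the crontab entry from the procedure stay the same.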
Related Topics
- Attack Objects in Intrusion Detection and Prevention Security Policies Overview on page 61
- Working with Attack Groups (NSM Procedure) on page 64

Viewing Predefined Attack Objects (NSM Procedure)

Purpose
Juniper Networks Security Center (J-Security Center) develops predefined attack objects and attack object groups for IDP rulebase rules.
Chapter 5: Working with Attack Objects
