Table of Contents
Advertisement
Configuring Intrusion Detection and Prevention Devices Guide
Chapter 4
Chapter 5
Chapter 6
viii
Violation Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Modifying Profiler Settings (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Configuring Profiler Database Preferences (NSM Procedure) . . . . . . . . . . . . . . . . 26
Displaying Profiler Database Information (NSM Procedure) . . . . . . . . . . . . . . . . . 27
Querying the Profiler Database (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . 28
Purging the Profiler Database (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Configuring Security Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Configuring Predefined Security Policies (NSM Procedure) . . . . . . . . . . . . . . . . . . 33
Creating a New Security Policy (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . 34
Modifying IDP Rulebase Rules (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Specifying Rule Match Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Specifying IDP Rulebase Attack Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Specifying Rule Session Action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Specifying Rule IP Action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Specifying Rule Notification Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Specifying Rule VLAN Matches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Specifying Rule Targets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Specifying Rule Severity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Specifying Rule Optional Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Specifying Rule Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Configuring Exempt Rulebase Rules (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . 45
Configuring Backdoor Rulebase Rules (NSM Procedure) . . . . . . . . . . . . . . . . . . . . 47
Configuring SYN Protector Rulebase Rules (NSM Procedure) . . . . . . . . . . . . . . . 49
Configuring Traffic Anomalies Rulebase Rules (NSM Procedure) . . . . . . . . . . . . . 51
Configuring Network Honeypot Rulebase Rules (NSM Procedure) . . . . . . . . . . . . 54
Configuring Application Rulebase Rules (NSM Procedure) . . . . . . . . . . . . . . . . . . 57
Working with Attack Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Loading J-Security-Center Updates (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . 62
Viewing Predefined Attack Objects (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . 63
Working with Attack Groups (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Creating Dynamic Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Creating Static Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Creating Custom Attack Objects (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . . 67
Configuring General Properties for Attack Objects . . . . . . . . . . . . . . . . . . . . . 67
Creating a Signature Attack Object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Verifying the Attack Object Database Version (NSM Procedure) . . . . . . . . . . . . . 75
Updating the IDP Detector Engine (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . 76
Configuring SNMP and Syslog Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Configuring an SNMP Agent (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Configuring Syslog Collection (NSM Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Troubleshooting
Subscribe to Our Youtube Channel
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 and is the answer not in the manual?