Creating Static Groups - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Configuring Intrusion Detection and Prevention Devices Guide
Table 36: Dynamic Attack Group Filters (continued)
Filter
Add Last Modified Filter
Add Recommended Filter

Creating Static Groups

Related Topics
66
Description
Filters attack objects based on their last modification date.
Filters attack objects based on whether they have been marked Recommended.
A static group contains a specific, finite set of attack objects or groups. There are two
types of static groups: predefined static groups and custom static groups.
A custom static group can include the same members as a predefined static group
(predefined attack objects, predefined static groups, and predefined dynamic groups),
plus the following members:
Custom attack objects
Custom dynamic groups
Other custom static groups
Use static groups to define a specific set of attacks to which you know your network is
vulnerable, or to group custom attack objects. For example, you might want to create a
group for a specific set of informational attack objects that keep you aware of what is
happening on your network.
Static groups require more maintenance than dynamic groups because you must manually
add or remove attack objects in a static group to change the members. However, you
can include a dynamic group within a static group to automatically update some attack
objects. For example, the predefined attack object group Operating System is a static
group that contains four predefined static groups: BSD, Linux, Solaris, and Windows. The
BSD group contains the predefined dynamic group BSD-Services-Critical, to which attack
objects can be added during an attack database update.
To create a custom static group:
In Object Manager, select Attack Objects > IDP Objects to display the IDP Objects
1.
dialog box.
Click the Custom Attack Groups tab, then click the + icon and select Add Static
2.
Group to display the New Static Group dialog box.
Enter a name and description for the static group.
3.
Select a color for the group icon.
4.
Select the attack or group from the Attacks/Group list and click Add .
5.
Click OK.
6.
Attack Objects in Intrusion Detection and Prevention Security Policies Overview on
page 61
Copyright © 2010, Juniper Networks, Inc.