Creating Custom Attack Objects (NSM Procedure); Configuring General Properties For Attack Objects - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Configuring intrusion detection and prevention devices guide

Creating Custom Attack Objects (NSM Procedure)
Viewing Predefined Attack Objects (NSM Procedure)
Verifying the Attack Object Database Version (NSM Procedure)

Creating Custom Attack Objects (NSM Procedure)

This section includes the following:
Configuring General Properties for Attack Objects
Creating a Signature Attack Object

Configuring General Properties for Attack Objects

To create a custom attack object:
1. In the Object Manager, click Attack Objects > IDP Objects to display the IDP Objects dialog box.
2. Click the Custom Attacks tab.
3. Click the + icon to display the Custom Attack dialog box.
4. Configure general attack object settings using Table 37 on the General tab.

Table 37: Custom Attack Dialog Box: General Tab Settings

Setting | Description
Name | Specifies the name to be displayed in the UI. TIP: You might want to include the protocol the attack uses as part of the attack name.
Description | Specifies details about the attack. Entering a description is optional when creating a new attack object, but it can help you remember important information about the attack. View the attack descriptions for predefined attacks for examples.
Severity | Specifies a severity rating: Info, Warning, Minor, Major, or Critical. Critical attacks are the most dangerous—typically these attacks attempt to crash your server or gain control of your network. Informational attacks are the least dangerous and typically are used by network administrators to discover holes in their own security system.
Category | Specifies a predefined category or defines a new category.
Keywords | Specifies keywords—unique identifiers that can be used to search and sort log records.
Recommended | Specifies that this attack object is part of your highest risk set of attack objects. Later, when you add this attack object to dynamic groups, you can specify whether only recommended attack objects will be included.
Attack Versions | Skip this for now.
Detection Performance | Select High, Medium, Low, or Not Defined.

Chapter 5: Working with Attack Objects
Copyright © 2010, Juniper Networks, Inc.
