Verifying The Attack Object Database Version (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Configuring intrusion detection and prevention devices guide

Table of Contents

Table 45: ICMP Header Match Settings

Setting

ICMP Type

ICMP Code

Sequence Number

ICMP ID

Verifying the Attack Object Database Version (NSM Procedure)

Purpose

Action

If you selected ICMP for Service Binding and packet or first-data-packet as the

Context, click the Protocols tab, select ICMP packet header fields, and configure

ICMP Header Match settings as described in Table 45 on page 75.

Description

Enter the primary code that identifies the function of the request/reply.

Enter the secondary code that identifies the function of the request/reply within a given type.

Enter the sequence number of the packet. This number identifies the location of the request/reply

in relation to the entire sequence.

Enter the identification number which is a unique value used by the destination system to associate

requests and replies.

Click Finish.

Attack Objects in Intrusion Detection and Prevention Security Policies Overview on

page 61

Working with Attack Groups (NSM Procedure) on page 64

Viewing Predefined Attack Objects (NSM Procedure)

Updating the IDP Detector Engine (NSM Procedure) on page 76

New attack objects are added to the attack object database server frequently;

downloading these updates and installing them on your managed devices regularly

ensures that your network is protected against the latest threats. As new attack objects

are added to the attack object database server, the version number of the database

increments by 1. When you download a version of the attack object database from the

server, NSM stores the version number of that database.

Automatic Verification

The management system uses the database version number to detect and notify you

when the stored attack object database on the GUI server is:

Older than the most recent database available from the attack object database server.

Newer than the attack object database currently installed on your ScreenOS 5.1 and

later managed devices.

When NSM detects that the managed device contains an older attack object database

version than the one stored on the GUI server, the UI displays a warning for that device,

indicating that you should update the attack object database on the device.

Manual Verification

Chapter 5: Working with Attack Objects

Table of Contents

Troubleshooting

This manual is also suitable for:

Network and security manager 2010.3

Verifying The Attack Object Database Version (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Verifying the Attack Object Database Version (NSM Procedure)

Troubleshooting

Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1

Related Content for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1

This manual is also suitable for:

Table of Contents