Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual page 64

Configuring Intrusion Detection and Prevention Devices Guide
48
Table 30: Backdoor Rulebase Rule Properties (continued)
Option
Match > Service
Operation
Action
Notification
VLAN Tag
Severity
Install On
Comments
For more information, see the IDP Concepts & Examples guide.
Function
Specifies service objects in
rules to service an attack to
access your network.
Specifies whether to detect
or ignore the backdoor traffic.
Specifies an action of the IDP
to detect any interactive
traffic.
Allows you to create log
records with attack
information that you can view
real-time in the Log Viewer.
Specifies that you can
configure a rule to only apply
to messages in certain VLANs.
Specifies if you can override
the inherent attack severity
on a per-rule basis within the
IDP rulebase.
Specifies the security devices
or templates that receive and
use this rule.
Specifies any miscellaneous
comment about the rule's
purpose.
Your Action
Set a service by selecting any of
the following options:
Any—Sets any service.
Default—Accepts the service
specified by the attack object.
Select Service—Chooses
specific services from the list of
defined service objects.
Select either Detect or Ignore.
Select any type of action.
Select Configure to create log
records.
Set a value by selecting any of the
following options:
Any—This rule is applied to
messages in any VLAN and to
messages without a VLAN tag.
None—This rule is applied only
to messages that do not have a
VLAN tag.
Select VLAN Tags—This rule
specifies which VLAN tags the
rule applies to.
Set the severity to Default, Info,
Warning, Minor, Major, or Critical.
NOTE: This column only appears
when you view the Security Policy
in Expanded Mode.
Select the target security device.
NOTE: You can also select
multiple security devices on which
to install the rule.
Enter any additional comments
about the rule.
Copyright © 2010, Juniper Networks, Inc.