Configuring Syn Protector Rulebase Rules (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual

Configuring intrusion detection and prevention devices guide

Hide thumbs Also See for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01:

Manual (444 pages)

Administration manual (1026 pages)

Installation manual (244 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

Documentation

Configuring SYN Protector Rulebase Rules (NSM Procedure)

Intrusion Detection and Prevention Devices and Security Policies Overview on page 31

Modifying IDP Rulebase Rules (NSM Procedure) on page 36

Configuring SYN Protector Rulebase Rules (NSM Procedure) on page 49

Assigning a Security Policy in an Intrusion Detection and Prevention Device (NSM

Procedure) on page 119

The SYN protector rulebase protects your network from malicious SYN-flood attacks.

To configure a SYN protector rulebase rule:

In the NSM navigation tree, select Policy Manager > Security Policies.

Select and double-click the security policy to which you want to add the SYN protector

rulebase rule.

Click New in the upper right corner of the policy viewer and select Add SYN Protector

Rulebase.

Click the New button within the rules viewer to add a rule.

Modify the property of the rule by right-clicking the table cell for the property and

making your modifications.

Configure or modify the rule using the settings described in Table 31 on page 49.

Table 31: SYN Protector Rulebase Rule Properties

Option

Match > Source

Match > Destination

Function

Specifies if you want to add,

delete, copy, or reorder rules.

Specifies the address object

that is the source of the

traffic.

Specifies the address object

that is the destination of the

traffic, typically a server or

other device on your network.

Chapter 4: Configuring Security Policies

Your Action

Right-click the table cell for the

rule number and make your

required modifications.

Select any to monitor network

traffic originating from any IP

address.

NOTE: You can also negate one

or more address objects to specify

all sources except the excluded

object.

Select the destination object.

NOTE: You can also negate one

or more address objects to specify

all destinations except the

excluded object.

Table of Contents

Configuring Syn Protector Rulebase Rules (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual

Configuring SYN Protector Rulebase Rules (NSM Procedure)

Troubleshooting

Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01

Related Content for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01

Table of Contents