Table of Contents
Advertisement
Table 17: SYN Protector Rulebase Data Elements (continued)
Data Element
comments
customOptions_collection
enabled
src_addr_collection
src_addr_negate
dst_addr_coillection
dst_addr_negate
service
mode
severity
log
vlan
Copyright © 2010, Juniper Networks, Inc.
Description
Comments about the SYN Protector collection.
Custom options.
Collection enabled.
Traffic source address.
Negates the specified source address.
Traffic destination address.
Negates the specified destination address.
The default service,
, looks for SYN floods in all TCP-based traffic.
TCP-any
NOTE: Always set the SYN Protector service value to
can cause unpredictable interactions with other rulebases.
Select the mode that indicates how IDP handles TCP traffic. The possible values are:
None = no action taken.
Relay = IDP acts as the middleman or relay for the established connection.
Passive = IDP handles the transfer of packets between the client host and the server but
does not prevent the connection from being established.
Severity of the attack. Within the IDP rulebase, you can override the ordinary attack severity
on a per-rule basis. Possible settings:
Default
Info
Warning
Minor
Major
Critical
You can configure the system to log an attack and create log records with attack information.
This logged information can be viewed in real-time through the Log Viewer.
This parameter configures a rule that only applies to messages in specified VLANs. The possible
settings are:
Any (default) = Any rule will be applied to messages in any VLAN and to messages without
a VLAN tag. This setting has the same effect as not specifying a VLAN. Any can be sent to
devices that do not support VLAN tagging.
None = A rule will be applied only to messages that do not have a VLAN tag. Rules with this
value set cannot be sent to devices that do not support VLAN tagging.
vlan_list_collection = Specifies the VLAN tags to which the rule applies. You must create
VLAN objects before applying them to the rules. Rules with this value set cannot be sent to
devices that do not support VLAN tagging.
Chapter 5: Security Data Model
. Selecting individual services
TCP-any
47
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper SSG 20-WLAN
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1 and is the answer not in the manual?
Questions and answers