Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INFRANET CONTROLLER GUIDE REV 01 Manual page 215

Copyright © 2010, Juniper Networks, Inc.
Table 57: Sensor Event Policies Configuration Details (continued)
Option Function
Action to Specifies the action to
be taken be taken when an event
has occurred.
Replace Specifies that the role
user role applied to the user's
with this profile should change to
role the role selected from
this list.
Replace Specifies whether the
user role role assignment is
permanent or only for a
session.
Applies to Specifies the roles to
role which the policy is
applicable.
Chapter 18: Configuring the Infranet Controller to Interoperate with IDP
Your Action
Select one of the following actions:
Ignore (just log the event)—Specifies that the Infranet
Controller should log the event, but take no further
action against the user profile to which this rule
applies. This option is best used to deal with very
minor "informational" attack alert messages that
come from the IDP device.
Terminate user session—Specifies that the Infranet
Controller should immediately terminate the user
session and require the user to sign in to the Infranet
Controller again.
Disable user account—Specifies that the Infranet
Controller should disable the user profile associated
with this attack alert message, thus rendering the
client unable to sign in to the Infranet Controller until
the administrator reenables the user account. (This
option is only applicable for users who have a local
Infranet Controller user account.)
Replace user's role with this one—Specifies that the
role applied to this user's profile should change to the
role you select from the associated drop-down list.
This new role remains assigned to the user profile until
the session terminates. This feature allows you to
assign a user to a specific controlled role of your
choice, based on specific IDP events. For example, if
the user performs attacks, you might assign the user
to a restricted role that limits the user's access and
activities.
Select a role from this list.
Select a role assignment option:
Permanent—User remains in the quarantined state
across subsequent logins until the administrator
releases the user from the quarantined state.
For this session only—Default. User can log in to
another session.
Select one of the following options:
All—To apply this policy to all users.
Selected—To apply this policy only to users who are
mapped to roles in the Members list. Make sure to add
roles to this list from the Non-members list.
Except for those selected—To apply this policy to all
users except for those who are mapped to the roles
in the Members list. Make sure to add roles to this list
from the Non-members list.
197