Figure 52: View Dos2 Value For Source Ip Based Session Limit; Figure 53: View Dos Value For Syn-Ack-Ack Proxy Protection Setting; Figure 54: View Default Syn-Ack-Ack Proxy Protection Setting; Template Limitations - Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual
Table of Contents
Advertisement
Template Limitations
Copyright © 2010, Juniper Networks, Inc.
c.
Verify the origin of each value by pressing the Shift key and moving the mouse
cursor over the field name.
For the Source IP Based Session Limit, the message "From template: DoS2" appears,
as shown in Figure 52 on page 207.
Figure 52: View DoS2 Value for Source IP Based Session Limit
For the SYN-ACK-ACK Proxy Protection and for Destination IP Based Session Limit,
the message "From template: DoS" appears, as shown in Figure 53 on page 207.
Figure 53: View DoS Value for SYN-ACK-ACK Proxy Protection Setting
Manually override the SYN-ACK-ACK Proxy Protection value that is set by the
8.
template DoS:
Clear the SYN-ACK-ACK Proxy Protection check box.
Select and set the SYN-ACK-ACK Proxy Protection threshold to be 1000.
The override icon appears next to the field name. Verify that the setting is derived
from the device configuration itself and not a template by moving the cursor over
the field name. The message "From object" appears, as shown in Figure 54 on
page 207.
Figure 54: View Default SYN-ACK-ACK Proxy Protection Setting
When configuring and using templates in NSM, be aware of the following limitations.
Maximum of 63 Templates
You can apply a maximum of 63 templates to a single device. However, configuring
certain features reduces the maximum number of templates you can apply to a device:
Cluster or vsys member—Configuring a device as a vsys device or as a member of a
cluster reduces the maximum number of templates by one.
VPNs—Each centrally managed VPN that the device belongs to also reduces the
maximum number of templates by one.
Referenced templates—Each referenced template (a template referred to by another
template) reduces the maximum number of templates by one. For example, a device
that uses template A, which in turn refers to templates B and C, counts as three
templates.
Chapter 5: Configuring Devices
207
Advertisement
Table of Contents
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 and is the answer not in the manual?
Questions and answers