Table of Contents
Advertisement
Network and Security Manager Administration Guide
Creating Static Attack Groups
Creating Dynamic Attack Groups (IDP Only)
360
A static group contains a specific, finite set of attack objects or groups. There are two
types of static groups: predefined static groups and custom static groups.
A custom static group can include the same members as a predefined static group
(predefined attack objects, predefined static groups, and predefined dynamic groups),
plus the following members:
Custom attack objects
Custom dynamic groups
Other custom static groups
Use static groups to define a specific set of attacks to which you know your network is
vulnerable, or to group custom attack objects. For example, you might want to create a
group for a specific set of informational attack objects that keep you aware of what is
happening on your network.
Static groups require more maintenance than dynamic groups because you must manually
add or remove attack objects in a static group to change the members. However, you
can include a dynamic group within a static group to automatically update some attack
objects. For example, the predefined attack object group Operating System is a static
group that contains four predefined static groups: BSD, Linux, Solaris, and Windows. The
BSD group contains the predefined dynamic group BSD-Services-Critical, to which attack
objects can be added during an attack database update.
To create a custom static group:
In Object Manager, select Attack Objects > IDP Objects. The IDP Objects dialog box
1.
appears.
Click the Custom Attack Groups tab, then click the Add icon and select Add Static
2.
Group. The New Static Group dialog box appears.
Enter a name and description for the static group. Select a color for the group icon.
3.
To add an attack or group to the static group, select the attack or group from the
4.
Attacks/Group list and click the Add button.
Click OK.
5.
For instructions for creating a static attack object group, see the NSM Online Help topic
"Adding Static Attack Groups."
A dynamic group contains a dynamic set of attack objects that are automatically added
or deleted based on specified criteria for the group. For example, an attack database
update can add or remove attack objects from a dynamic group based on the group
criteria. This eliminates the need to review each new signature to determine if you need
to use it in your existing security policy.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 and is the answer not in the manual?
Questions and answers