Table of Contents
Advertisement
Copyright © 2010, Juniper Networks, Inc.
A predefined or custom dynamic group can only contain attack objects and not attack
groups. Dynamic group members can be either predefined or custom attack objects.
To create a custom dynamic group:
In Object Manager, select Attack Objects > IDP Objects. The IDP Objects dialog box
1.
appears.
Click the Custom Attack Groups tab, then click the Add icon and select Add Dynamic
2.
Group. The New Dynamic Group dialog box appears.
Enter a name and description for the static group. Select a color for the group icon.
3.
In the Filters tab, click the Add icon and select one of the following:
4.
Add Products Filter to add attack objects based on the application that is vulnerable
to the attack.
Add Severity Filter to add attack objects based on the attack severity.
NOTE: All predefined attack objects are assigned a severity level by Juniper Networks.
However, you can edit this setting to match the needs of your network.
Add Category Filter to add attack objects based on category.
Add Last Modified Filter to add attack objects based on their last modification date.
Add Recommended Filter to include only attacks designated to be the most serious
threats to the dynamic group. In the future, Juniper Networks will designate only attacks
it considers to be serious threats as Recommended. These settings will be updated
with new attack object updates. In addition, you can designate custom attack objects
as Recommended or not.
You create filters one at a time; each criteria you add is compared to the attributes for
each attack object. Attack objects that do not match the criteria are immediately filtered
out. If you create a filter with attributes that no attack object can match, a message
appears warning you that your dynamic group has no members.
From the resulting list of matching attack objects, you can then exclude any attack objects
that produces false positives on your network, or an attack object that detects an attack
to which your network is not vulnerable.
NOTE: A dynamic group cannot contain another group (predefined, static, or dynamic).
However, you can include a dynamic group as a member of a static group.
Example: Creating a Dynamic Group
To create a dynamic group:
Chapter 8: Configuring Objects
361
Advertisement
Table of Contents
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008