Table of Contents
Advertisement
Network and Security Manager Administration Guide
xviii
Working with IDP Attack Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
Viewing Predefined IDP Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
Viewing Predefined IDP Attack Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
Viewing Attack Version Information for Attack Objects and Groups . . . . . . 342
Updating Predefined IDP Attack Objects and Groups . . . . . . . . . . . . . . . . . . 342
Configuring Custom DI and IDP Attack Objects . . . . . . . . . . . . . . . . . . . . . . . . . . 343
Using the Attack Object Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
Copying and Editing Predefined Attack Objects to Create Custom Attack
Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344
Configuring Attack Name and Description . . . . . . . . . . . . . . . . . . . . . . . . . . 344
Configuring Extended Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
Configuring External References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
Configuring Target Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
Creating a Signature Attack Object . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
Configuring General Attack Properties . . . . . . . . . . . . . . . . . . . . . . . . . . 347
Configuring Attack Detection Properties . . . . . . . . . . . . . . . . . . . . . . . . 352
Configuring Header Match Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
Configuring a Protocol Anomaly Attack Object . . . . . . . . . . . . . . . . . . . . . . . 359
Configuring a Compound Attack Object . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
Configuring General Attack Properties . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Configuring Compound Attack Members . . . . . . . . . . . . . . . . . . . . . . . . 360
Configuring the Direction Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
Creating Custom DI Attack Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
Creating Custom IDP Attack Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
Creating Static Attack Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
Creating Dynamic Attack Groups (IDP Only) . . . . . . . . . . . . . . . . . . . . . . . . 364
Updating Dynamic Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
Editing a Custom Attack Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
Deleting a Custom Attack Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
Unified Threat Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
Creating UTM Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
Creating an Antivirus Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
Creating an Antispam Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Creating a Content Filtering Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Creating a URL Filtering Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370
Miscellaneous UTM Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
Multipurpose Internet Mail Extension (MIME) Lists . . . . . . . . . . . . . . . . . 371
Extension Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
Command Lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
URL Patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
URL Categories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
ScreenOS Threat Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
Configuring Antivirus Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
Configuring External AV Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
Configuring Internal AV Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375
Configuring ICAP AV Servers and Profiles . . . . . . . . . . . . . . . . . . . . . . . . 376
Configuring ICAP AV Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377
Configuring Web Filtering Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 and is the answer not in the manual?
Questions and answers