Table of Contents
Advertisement
Network and Security Manager Administration Guide
xxii
Configuring IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Defining Match For IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
Configuring Source and Destination Zones for IDP Rules (Does not apply
to Standalone IDP Sensor rulebases) . . . . . . . . . . . . . . . . . . . . . . . 469
Configuring Source and Destination Address Objects for IDP Rules . . . 469
Configuring User Roles for IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
Configuring Services for IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471
Configuring Terminal IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472
Defining Actions For IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
Configuring Attack Objects in IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Adding IDP Attack Object Groups by Category . . . . . . . . . . . . . . . . . . . . 475
Adding IDP Attack Objects by Operating System . . . . . . . . . . . . . . . . . . 476
Adding IDP Attack Objects by Severity . . . . . . . . . . . . . . . . . . . . . . . . . . 476
Adding Custom Dynamic Attack Groups . . . . . . . . . . . . . . . . . . . . . . . . . 477
Configuring IP Actions in IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477
Choosing an IP Action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
Choosing a Block Option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
Setting Logging Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
Setting Timeout Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479
Configuring Notification in IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479
Setting VLAN Tags for IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480
Setting Severity for IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480
Setting Target Devices for IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481
Entering Comments for IDP Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481
Configuring multiple IDP policies for an MX Series Router . . . . . . . . . . . . . . 481
Configuring Application Policy Enforcement (APE) Rules . . . . . . . . . . . . . . . . . . 483
Adding the APE Rulebase Using the Policy Manager . . . . . . . . . . . . . . . . . . 483
Defining Matches For APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484
Configuring Applications for APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . 485
Configuring Source and Destination Zones for APE Rules (Does not
Apply to Standalone IDP Sensor Rulebases) . . . . . . . . . . . . . . . . . 485
Configuring User Roles for APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . 486
Configuring Services for APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486
Configuring Actions For APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487
Configuring IP Actions in APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488
Choosing an IP Action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488
Choosing a Block Option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
Setting Logging Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
Setting Timeout Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
Configuring Notification in APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
Setting VLAN Tags for APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
Setting Severity for APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
Setting Target Security Devices for APE Rules . . . . . . . . . . . . . . . . . . . . . . . . 491
Entering Comments for APE Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW CONTROLLER 2.0.4 -
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - AQL EVENT AND FLOW QUERY CLI GUIDE
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - EVENT CATEGORY CORRELATION REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - SNMP AGENT GUIDE REV 1
- Juniper STRM LOG MANAGEMENT 2008.2 - S 6-2008