Table of Contents
Advertisement
Network and Security Manager Administration Guide
292
To perform a network update, enter the URL of the Attack Object Database web
server in the Download URL box. To restore the default server, select Restore
Defaults.
To perform a local update, specify the local directory path to the
previously downloaded in the Download URL box. Example:
file:///tmp/NSM-SecurityUpdateInfo.dat
To use a proxy server for attack object download, select the Enable Proxy check
box. Then, enter the proxy server IP address, port, user name, and password.
For DI devices, click the + button to enter a DI license key and specify Deep Inspection
Packs.
Select Tools > Update NSM Attack Database. The Update NSM Attack Database
5.
dialog box appears.
Follow the instructions in the Attack Update Manager to download the new Signature
6.
and Protocol Anomaly Attack Objects to the NSM GUI Server.
After you have updated the attack object database on the GUI Server, you can use that
database to update the attack object database on your managed devices.
IDP attack objects are loaded automatically when you load an IDP rulebase. DI attack
objects must be loaded manually.
To load the attack object database update to your managed devices:
From the Device Manager launchpad, select Security Updates> Update Device Attack
1.
Database, or from Devices in the menu bar, select Deep Inspection/IDP> Update
Device Attack Database. The Update Device Attack Database dialog box appears.
Click Next, then select the managed devices on which you want to install the attack
2.
object update.
Follow the directions in the Change Device Sigpack wizard to update the attack object
3.
database on the selected managed devices.
Updating DI Attacks on ScreenOS 5.0 Devices
You can update attacks for ScreenOS 5.0 and earlier devices (not 5.0.0 IDP1) by
configuring your managed devices to contact the attack object database server, then
prompting the devices to download new attack objects from the server.
To configure the device to contact the attack object database server:
In the main navigation tree, select Device Manager > Devices, and then double-click
1.
the device for which you want to configure the database.
In the device navigation tree, select Security > AttackDB > Settings.
2.
For Attack Database Server, enter
3.
https://services.netscreen.com/restricted/sigupdates
file you
.dat
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
