Table of Contents
Advertisement
Network and Security Manager Administration Guide
Viewing Attack Version Information for Attack Objects and Groups
Updating Predefined IDP Attack Objects and Groups
342
Attack Type groups attack objects by type (anomaly or signature). Within each type,
attack objects are grouped by severity.
Category groups attack objects by predefined categories. You can view the IP version
of predefined IDP attack groups. Within each category, attack objects are grouped by
severity.
Operating System groups attack objects by the operating system to which they apply:
BSD, Linux, Solaris, or Windows. Within each operating system, attack objects are
grouped by services and severity.
Severity groups attack objects by the severity assigned to the attack. IDP has five
severity levels: Info, Warning, Minor, Major, Critical. Within each severity, attack objects
are grouped by category.
To locate all rules that use a predefined attack object group, right-click the attack object
group and select Find Usages.
A predefined static group can include the following members:
Predefined attack objects
Predefined static groups
Predefined dynamic groups
To display a detailed description of an attack object group, double-click the attack.
NSM lets you look at the details of predefined attack objects and groups. Not all details
are applicable to all attacks.
The
field under the
Pattern
box (which appears when you double-click the object) displays the regular expression
used to identify the attack. Juniper Networks Security Engineering may choose to hide
the exact pattern for specific attack objects. This is done to protect the confidentiality
of either the source or target of the specific attack object. In such cases, the field displays
Protected instead of the regular expression.
To view attack version information, click one of the supported platform links under the
column within this attack object dialog box.
Platform
Juniper Networks updates the predefined attack objects and groups on a regular basis
with newly-discovered attack patterns. You can update the attack object database on
your security devices by downloading the new attacks and groups to the NSM GUI Server,
then installing the new database on your devices.
NOTE: You cannot create, edit, or delete predefined attack object or groups.
column in the
Details
General
tab of the attack object dialog
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 and is the answer not in the manual?
Questions and answers