Configuring Target Platforms - Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 Administration Manual

Network and Security Manager Administration Guide

Configuring Target Platforms

346
External references, in conjunction with standard network security references, can help
other administrators get more information about how an attack works or help you research
and compare the attack in relation to a suspected new attack.
Specifically, the attack object wizard prompts you for the following:
URLs—Enter up to three URLs for external references you used when researching the
attack.
Standard References—Enter the standardized network security organizations' attack
designations for the attack:
CVE (Common Vulnerabilities and Exposures) is a standardized list of vulnerabilities
and other information security exposures. The CVE number is an alphanumeric code,
such as CVE-1999-0003.
BugTraq is a moderated mailing list that discusses and announces computer security
vulnerabilities. The BugTraq ID number is a three-digit code, such as 831 or 120.
When you have completed entering the external references for the attack, you can select
the target platforms for the attack object.
In the tab, you must select the target platform, configure the attack version, then
General
set a direction filter (described in "Configuring the Direction Filter" on page 362) for the
attack object. To select the target platform and configure the attack version, click the
Add icon, under Attack Versions to display the
On the
Target Platform and Type
which the attack object is designed. Because different versions of ScreenOS and IDP
support additional functionality than previous versions, you must specify the versions
that must support the attack object. After you have made your selection, the attack
object wizard automatically removes options from the custom attack object creation
process based on the selected target platforms.
To configure the selected target platform, click the Add icon to display the New Supported
Platform dialog box. Select the versions of ScreenOS 5.0 or later or IDP (idp4.0.0) that
must support the attack object.
NOTE: The string
software that also has IDP capability, such as the software that runs on an
ISG2000.
The string (without the
idp
that runs on a standalone IDP device, such as an IDP 600C.
Next, select the type of attack that the attack object detects. After you have added the
supported platform to the custom attack object, you can configure the attack type on
that platform. Select from one of the following attack types:
New Attack
page, you must select the ScreenOS or IDP versions for
isp-sos in a Target Platform label indicates ScreenOS
) in the Target Platform label indicates software
sos
Copyright © 2010, Juniper Networks, Inc.
wizard.