Table Of Contents - Enterasys Intrusion Prevention System Manual

Network sensor policies and signatures guide

Intended Audience
Version Support
Related Documents
Conventions
Getting Help
Enterasys IPS Network Sensors
  Virtual Network Sensors
Network Sensor Policies
  Network Sensor Policy Modules
Network Sensor Signatures
  Signature Libraries and Event Groups
  Basic and Extended Signatures
Configuring Port Macros
  Procedure
Chapter 2: Creating Network Sensor Policies
Creating New Policies
Copying Existing Policies
Configuring the Application Filter Module
  General Settings Tab
  IP Settings Tab
  Port Settings Tab
  Protocol Settings Tab
  VLAN Settings Tab
  Probe Settings Tab
  Rule Settings Tab
  Signature Settings Tab
Configuring the Covert Channel Analysis Module
  Backdoor Settings
  Fast ICMP Settings
  Enable Loki Check Setting
  Procedure
Configuring the DoS Check Module
  Procedure
Configuring the Dragon Filter Module
  Writing a Filter Rule
  Procedure
Configuring the Dynamic Module
  Procedure
Configuring the Header Search Module
  Specifying Search Strings
  Procedure
  Example
Configuring the Logging Module
  Procedure
Configuring the Network Layer Module
  General Settings Tab