Viewing flow alert rules
Adding flow alert rules
Adding flow alert rules
■
Symantec Network Security provides a way to view flow alert rules from the
Network Security console.
To view flow alert rules
In the Network Security console, click Configuration > Flow Alert Rules.
◆
In Flow Alert Rule, you can view the rule details.
Note: SuperUsers and Administrators can read and write flow alert rules;
StandardUsers can view only; and RestrictedUsers have no access at all. See
"User groups reference"
We recommend that you initially configure flow alert rules to allow acceptable
corporate traffic flow. Set the Permit and Alert rules to specify explicitly what to
permit across each interface, and to alert on everything else.
To add a flow alert rule
1
In the Network Security console, click Configuration > Flow Alert Rules.
2
In Flow Alert Rules, click Add.
3
In Flow Alert Rule, in Rule Type, do one of the following:
Click Permit.
■
Click Alert.
■
See
"Using the permit rule type"
4
Click Set Interfaces.
5
In Select Interface or Device, select the object where you want the rule
applied, and click OK.
6
In Flow Alert Rule, select the following information from the pull-down
lists, and click Add:
Source IP address, mask, and port
■
Destination IP address, mask, and port
■
See
"Providing an appropriate mask"
7
In Flow Alert Rule, click OK.
on page 319 for more about permissions.
on page 157.
Managing flow alert rules
on page 157.
Responding
155