Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Understanding Network Honeypot Rulebase Match Settings

    Network Honeypot rulebase rules are triggered when a source IP address makes a connection request to the destination IP address and service specified in the rule.

    We recommend you set source to Any; set destination and service to the server and service you want to appear to be available.

    Tip: In NSM, you can create address objects and service objects to facilitate configuration. One benefit of using objects is that you can configure them once and then use them in multiple rules. For details, see the NSM documentation.

    Note: The Network Honeypot rulebase is a terminal rulebase–that is, Network Honeypot rules are inherently terminal rules. If a Network Honeypot rule matches, IDP does not process subsequent rules.


    Published: 2011-02-08