Attack Object Database Overview

The Attack Object option is only available on some security devices. Use the Attack Database option to configure a database that contains all the predefined attack objects, organized into attack object groups by protocol and severity level.

Juniper Networks stores the attack object database on the attack object update server at https://services.netscreen.com/restricted/sigupdates. To gain access to the attack object update server, you must first obtain an attack object update subscription for your security device.

After you have obtained a subscription, you must update the attack object database on the GUI server and managed device. The update process differs slightly between devices running ScreenOS 5.1 and later and devices running 5.0; for details, see the “Managing Devices” section of the Network and Security Manager Administration Guide.

For all devices, the attack object database on the managed device must match the version of the attack object database on the GUI server. If the databases do not match, a validation icon appears next to the Attack Database Version setting, and the Disable Attack option does not appear in the device navigation tree.

To use the predefined attack objects, create a DI Profile object that references specific attack object groups and configure a firewall rule to use that profile object.

To configure the attack object database:

You can also direct a security device to update its attack object database immediately, either from the attack object update server (ScreenOS 5.0 devices) or the NSM GUI server (ScreenOS 5.1 and later devices). For more information, see the “ Managing Devices” section of the Network and Security Manager Administration Guide.

Related Documentation