CLI Configuration
To define rules for an IPS rulebase:
- Create a policy by assigning a meaningful name to it. The following statement specifies base-policy as the policy name:
- user@host# set security idp idp-policy base-policy
- Associate a rulebase with the policy. The following statement associates an IPS rulebase with base-policy:
- user@host# set security idp idp-policy base-policy rulebase-ips
- Add rules to the rulebase. The following statement adds a rule R1 to the rulebase:
- user@host# set security idp idp-policy base-policy rulebase-ips rule R1
- Define the match criteria for the rule. The following statement specifies traffic from the trust zone to the untrust zone as the match criteria for rule R1. The default application setting matches any application configured in the attack object.
- user@host# set security idp idp-policy base-policy rulebase-ips rule R1 match from-zone trust to-zone untrust source-address any destination-address any application default
- Define an attack as match criteria. The following statement specifies the predefined attack group Critical - TELNET as match criteria for rule R1:
- user@host# set security idp idp-policy base-policy rulebase-ips rule R1 match attacks predefined-attack-groups "Critical - TELNET"
- Specify an action for the rule. The following statement specifies that the connection be dropped for any traffic that matches the criteria defined for rule R1:
- user@host# set security idp idp-policy base-policy rulebase-ips rule R1 then action drop-connection
- Specify notification and logging options for the rule. The following statement enables logging for this attack and specifies that an alert flag be added to the attack log:
- user@host# set security idp idp-policy base-policy rulebase-ips rule R1 then notification log-attacks alert
- Set the severity level for the rule. The following statement sets a critical severity level for rule R1:
- user@host# set security idp idp-policy base-policy rulebase-ips rule R1 then severity critical
- Activate the policy. The following statement specifies base-policy as the active policy:
- user@host# set security idp active-policy base-policy
- If you are finished configuring the router, commit the configuration.
- From configuration mode in the CLI, enter the show security idp command to verify the configuration. For more information, see the JUNOS Software CLI Reference.
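As a complement to the verification step, the following added example (not part of the JUNOS documentation) checks set-format configuration text for IPS rules that lack the attack match, action, or attack logging this procedure configures, and for a missing or mismatched active policy. The function name audit_idp and the sample text, constructed from the statements in this procedure, are assumptions.

```python
import shlex

# Constructed sample: the statements from this procedure in set format.
SAMPLE = '''\
set security idp idp-policy base-policy rulebase-ips rule R1 match from-zone trust to-zone untrust source-address any destination-address any application default
set security idp idp-policy base-policy rulebase-ips rule R1 match attacks predefined-attack-groups "Critical - TELNET"
set security idp idp-policy base-policy rulebase-ips rule R1 then action drop-connection
set security idp idp-policy base-policy rulebase-ips rule R1 then notification log-attacks alert
set security idp idp-policy base-policy rulebase-ips rule R1 then severity critical
set security idp active-policy base-policy
'''

# Pieces of a rule that this procedure sets and that the audit expects to find.
REQUIRED = ("match attacks", "then action", "then notification log-attacks")

def audit_idp(set_text):
    """Return a list of findings for IPS rules in set-format text (hypothetical helper)."""
    rules, active = {}, None
    for line in set_text.splitlines():
        tok = shlex.split(line)  # keeps "Critical - TELNET" as one token
        if tok[:3] != ["set", "security", "idp"]:
            continue
        if tok[3:4] == ["active-policy"] and len(tok) > 4:
            active = tok[4]
        elif (tok[3:4] == ["idp-policy"] and len(tok) > 7
              and tok[5:7] == ["rulebase-ips", "rule"]):
            # Key by (policy, rule); store the remainder of each statement.
            rules.setdefault((tok[4], tok[7]), []).append(" ".join(tok[8:]))
    findings = []
    for (policy, rule), stmts in sorted(rules.items()):
        for need in REQUIRED:
            if not any(s.startswith(need) for s in stmts):
                findings.append(f"{policy}/{rule}: missing '{need}'")
    if active is None:
        findings.append("no active-policy set")
    elif active not in {p for p, _ in rules}:
        findings.append(f"active-policy '{active}' has no IPS rules")
    return findings

if __name__ == "__main__":
    for finding in audit_idp(SAMPLE) or ["no findings"]:
        print(finding)
```
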