J-Web Configuration

To define rules for an exempt rulebase:

1. Specify the IPS rulebase for which you want to define and exempt rulebase. The following statement specifies policy P1 as the IPS rulebase:
   1. Select Configuration>View and Edit>Edit Configuration. The Configuration page appears.
   2. Next to Security, click Configure or Edit.
   3. Next to Idp, click Configure .
   4. Next to Idp policy, click Add new entry.
   5. In the Policy name box, type P1.
2. Associate the exempt rulebase with the policy and add a rule to the rulebase. The following tasks associate the exempt rulebase with policy P1 and adds rule R1 to the rulebase:
   1. Next to Rulebase exempt, click Configure.
   2. Next to Rule, click Add new entry.
   3. In the Name box, type R1.
4. Specify the attacks that you want to exempt from attack detection. The following configuration statement specifies that any traffic in your company's internal network is exempt from the FTP:USER:ROOT attack:
   1. Next to Match, click Configure.
   2. From the From zone list, select Enter specific value and type trust in the Zone box.
   3. From the To zone list, select any.
   4. From the Source list, select Source address.
   5. Next to Source address, select Add new entry.
   6. From the Value list, select Enter specific value.
   7. In the Address box, type FTP:USER:ROOT.
5. Activate the policy. The following tasks specify P1 as the active policy:
   1. On the Idp page, in the Active-policy box, type P1.
   2. Click OK.
6. If you are finished configuring the device, commit the configuration.

Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice.