[Contents] [Prev] [Next] [Index] [Report an Error]

Understanding Custom Attack Objects

You can create custom attack objects to detect new attacks or customize predefined attack objects to meet the unique needs of your network.

Before You Begin
For background information, read: IDP Policies Overview Understanding IDP Policy Rulebases Understanding Predefined Attack Objects and Groups

Before You Begin

For background information, read:

IDP Policies Overview
Understanding IDP Policy Rulebases
Understanding Predefined Attack Objects and Groups

To configure a custom attack object, you specify a unique name for it and then specify additional information, such as a general description and keywords, which can make it easier for you to locate and maintain the attack object.

Certain properties in the attack object definitions are common to all types of attacks, such as attack name, description, severity level, service or application binding, time binding, recommended action, and protocol or port binding. Some fields are specific to an attack type and are available only for that specific attack definition.

This topic covers:

Attack Name
Severity
Service or Application Binding
Protocol or Port Bindings
Time Bindings
Attack Properties—Signature Attacks
Attack Properties—Protocol Anomaly Attacks
Attack Properties—Compound or Chain Attacks
Related Topics

[Contents] [Prev] [Next] [Index] [Report an Error]