[Prev][Next][Report an Error]

Adding an Exempt Rulebase

To add an exempt rulebase :

  1. Select Configure>Security>Policy>IDP Policies.
  2. To add exempt rulebase for an existing IDP policy, select Rulebase:Exempt and click Add
  3. To add an exempt rulebase for a new policy:
  4. Fill in the information as described in Table 160.
  5. Click one of the following buttons:

Table 160: Add an Exempt Rulebase Configuration Details

Field

Function

Actions
Basic

Policy Name

Specifies the name of the IDP Policy.

  

Rule Name

Specifies the name of the exempt rulebase rule.

Type a rule name

Rule Description

Specifies the description for the rule.

Type the description for the rule.

Attack Type

Specifies predefined or custom attack objects or attack groups that are used to match the traffic against known attacks.

Select the attack or attack group from the list and do one of the following:

  • To match a custom attack to the rule, click the left arrow.
  • To match an attack or attack list to the rule, click right arrow.

Category

Specifies the category used for scrutinizing rules to sets.

Select a category from the list.

Severity

Specifies the rule severity levels in logging to support better organization and presentation of log records on the log server.

Select a severity level from the list.

Direction

Specifies the direction of network traffic you want the device to monitor for attacks.

Select a direction level from the list.

Matched

Specifies the type of network traffic you want the device to monitor for attacks.

Select the traffic types and click the right arrow to move them to the matched list.

Match

From Zone

Specifies the match criteria for the source zone for each rule.

Select the match criteria from the list.

To Zone

Specifies the match criteria for the destination zone for each rule.

Select the match criteria from the list.

Source Address

Specifies the zone exceptions for the from-zone and source address for each rule.

Select the from-zone and source addresses/address sets from the list and do one of the following:

  • Click the Match button to match the from-zone and source address/address sets to the rule and click the right arrow.
  • Click the Except button to enable the exception criteria.

Destination Address

Specifies the zone exceptions for the to-zone and destination address for each rule.

Select the to-zone and destination addresses/address sets from the list and do one of the following:

  • Click the Match button to match the from-zone and source address/address sets to the rule and click the right arrow.
  • Click the Except button to enable the exception criteria.
[Prev][Next][Report an Error]

Copyright © 2010, Juniper Networks, Inc. All rights reserved. Trademark Notice.