 |
Copyright © 2010, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
Table 250describes the available options for the IDP Sensor configuration page.
Table 250: Configuring IDP Sensor
|
Field |
Function |
Action |
|---|---|---|
| Basic |
Select Basic and click Edit and update the following fields. |
|
| IPS | ||
|
Minimum Log Supercade |
Specifies the minimum number of logs to trigger the signature hierarchy feature. |
Enter an integer. |
| LOG | ||
|
Cache Size |
Specifies the size of the cache memory (MB) where IDP stores log records. |
Enter an integer. |
|
Disable Suppression |
Specifies if the log suppression has to be disabled. |
Click the check box. |
|
Include Destination Address |
Specifies to combine log records for events with a matching source address. |
Select an option from the list. |
|
Max Logs Operate |
Specifies the maximum number of logs on which log suppression can operate. IDP can operate on 16,384 log records by default. |
Enter an integer. |
|
Max Time Report |
Specifies the time (seconds) after which suppressed logs will be reported. IDP reports suppressed logs after 5 seconds by default. |
Enter an integer. |
|
Start Log |
Specifies the number of log occurrences after which log suppression begins. Log suppression begins with the first occurrence by default. |
Enter an integer. |
| Reassembler | ||
|
Ignore Memory Overflow |
Specifies if the user has to allow per-flow memory to go out of limit. |
Select an option from the list. |
|
ignore Reassembly Memory Overflow |
Specifies if the user has to allow per-flow reassembly memory to go out of limit. |
Select an option from the list. |
|
Max Flow Memory |
Specifies maximum per-flow memory for TCP reassembly in kilobytes. |
Enter an integer. |
|
Max Packet Memory |
Specifies maximum packet memory for TCP reassembly in kilobytes. |
Enter an integer. |
| Advanced |
Select Advanced and click Edit and update the following fields. |
|
| IDP Flow | ||
|
Allow ICMP Without Flow |
Specifies if ICMP has to be allowed without flow. |
Select an option from the list. |
|
Log Errors |
Specifies if the flow errors have to be logged. |
Select an option from the list. |
|
Flow FIFO Max Size |
Specifies the maximum FIFO size. The default value is 1. |
Enter a value. |
|
Hash Table Size |
Specifies the hash table size. The default value is 1024. |
Enter a value. |
|
Max Timers Poll Ticks |
Specifies the maximum amount of time at which the timer ticks at a regular interval. |
Enter a value. |
|
Reject Timeout |
Specifies the amount of time in milliseconds within which a response must be received. |
Enter a value. |
|
UDP Anticipated Timeout |
Specifies the amount of time in milliseconds within which a UDP response must be received. |
Enter a value. |
| Global | ||
|
Enable All Qmodules |
Specifies if all the qmodules of the global rulebase IDP security policy are enabled. |
Select an option from the list. |
|
Enable Packet Pool |
Specifies if the packet pool is enabled to be used when the current pool is exhausted. |
Select an option from the list. |
|
Policy Lookup Cache |
Specifies if the cache is enabled to accelerate IDP policy lookup. |
Select an option from the list. |
|
GTP Decapsulation |
Specifies if the number of packets that are GPRS tunneling protocol (GTP) packets are decapsulated. |
Select an option from the list. |
|
Memory Limit Percent |
Specifies to limit IDP memory usage at this percent of available memory. |
Enter a value. |
| IPS | ||
|
Detect Shellcode |
Specifies if shellcode detection has to be applied. |
Select an option from the list. |
|
Ignore Regular Expression |
Specifies if the sensor has to bypass DFA and PCRE matching. |
Select an option from the list. |
|
Process Ignore Server-to-Client |
Specifies if the sensor has to bypass IPS processing for server-to-client flows. |
Select an option from the list. |
|
Process Override |
Specifies if the sensor has to execute protocol decoders even without an IDP policy. |
Select an option from the list. |
|
Process Port |
Specifies a port on which the sensor executes protocol decoders. |
Enter an integer. |
|
IPS FIFO Max Size |
Specifies the maximum allocated size of the IPS FIFO. |
Enter an integer. |
| Detector |
Click Detector and click Add or Edit and update the following fields. |
|
|
Protocol |
Specifies the name of the protocol to enable or disable the detector. |
Select the name of the protocol from the list. |
|
Tunable Name |
Specifies the name of the tunable parameter to enable or disable the protocol detector for each of the services. |
Select the name of the specific tunable parameter from the list. |
|
Tunable Value |
Specifies the value of the tunable parameter to enable or disable the protocol detector for each of the services. |
Enter the protocol value of the specific tunable parameter. |
describes the available options for the IDP Sensor configuration page.
Table 251: Configuring IDP Sensor Detector
|
Field |
Function |
Action |
|---|---|---|
| Detector | ||
|
Add |
Add the detector configuration |
Click Detector and click Add on the task bar. Update the Detector configuration fields as provided inTable 250. |
|
Edit |
Updates the existing the detector configuration |
Click Detector. Select an existing Detector configuration and click Edit on the task bar. Update the Detector configuration fields as provided inTable 250 for configuring Detector . |
|
Delete |
Deletes the existing the detector configuration |
Click Detector and click Delete on the task bar. |
|
Copyright © 2010, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |