IDP Policies Configuration Page Options
- Select Configure>Security>Policy>Define
IDP Policy.
The IDP Policy configuration page appears. Table 42 explains the contents of this page.
- Click the following:
- Template—Downloads, installs, and loads a template. Enter information as specified in Table 43.
- Click the following:
- Check Status—Checks download or install status. Enter information as specified in Table 44.
- Click one:
- Add—Adds a new or duplicate IDP policy configuration. Enter information as specified in Table 45.
- Edit—Edits the selected IDP policy configuration.
- Delete—Deletes the selected IDP policy configuration.
- Click the following:
- Clone—Clones or copies a policy. Select a record in the Policy List. Enter information as specified in Table 46.
- Click Activate to validate and activate the configuration.
- Click one:
- OK—Saves the configuration and returns to the main configuration page.
- Commit Options>Commit—Commits the configuration and returns to the main configuration page.
- Cancel—Cancels your entries and returns to the main configuration page.
Table 42: IDP Policy Configuration Page
Field | Function |
|---|---|
| Policy List | |
Status | Displays the status of the policy. |
Name | Displays the IDP policy name. |
Type | Displays the IDP policy type. |
IPS Rule Number | Displays the number of rule based IP profiles that are configured. |
Exempt Rule Number | Displays the number of rule based exempt profiles that are configured. |
Table 43: Template Details
| Field | Function | Action |
|---|---|---|
Template | Loads a predefined IDP template. The options available are:
| Click Template and select an option. |
Table 44: Check Status Details
| Field | Function | Action |
|---|---|---|
Check Status | Checks download or install status. The options available are:
| Click Check Status and select an option. |
Table 45: Add IDP Policy Configuration Details
| Field | Function | Action |
|---|---|---|
Policy Name | Specifies the name of the IDP policy. | Enter a policy name. |
Activate | Specifies whether or not the configured IDP policy is set as the active policy. | Select the check box. |
IPS Rule | Specifies the IPS rule created. The options available are:
| Select an option. |
| Basic | ||
Policy Name | Specifies the name of the IDP policy. | Displays the name of the IDP policy. |
Rule Name | Specifies the name of the IPS rulebase rule. | Enter a rule name. |
Rule Description | Specifies a description for the rule. | Enter the description for the rule. |
Action | Specifies the list of all the rule actions for IDP to take when the monitored traffic matches the attack objects specified in the rules. | Select a rule action from the list. |
Application | Specifies the list of one or multiple configured applications. | Select the applications to be matched. |
Attack Type | Specifies the attack type that you do not want the device to match in the monitored network traffic. The options available are:
| Select an option from the list and click the right arrow to match an attack object or attack group to the rule. |
Category | Specifies the category used for scrutinizing rules of sets. | Select a category from the list. |
Severity | Specifies the rule severity levels in logging to support better organization and presentation of log records on the log server. | Select a severity level from the list. |
Direction | Specifies the direction of network traffic you want the device to monitor for attacks. | Select a direction level from the list. |
Matched | Specifies the type of network traffic you want the device to monitor for attacks. | Select the traffic type and click the right arrow to move it to the matched list. |
| Advanced | ||
IP Action | Specifies the action that IDP takes against future connections that use the same IP address. | Select an IP action from the list. |
IP Target | Specifies the destination IP address. | Select an IP target from the list. |
Timeout | Specifies the number of seconds the IP action should remain effective before new sessions are initiated within that specified timeout value. | Enter the timeout value, in seconds. The maximum value is 65,535 seconds. |
Log IP Action | Specifies whether or not the log attacks are enabled to create a log record that appears in the log viewer. | Select the check box. |
Enable Attack Logging | Specifies whether or not the configuring attack logging alert is enabled. | Select the check box. |
Set Alert Flag | Specifies whether or not an alert flag is set. | Select the check box. |
Severity | Specifies the rule severity level. | Select an option from the list. |
Terminal | Specifies whether or not the terminal rule flag is set. | Select the check box. |
| Match | ||
From Zone | Specifies the match criteria for the source zone for each rule. | Select the match criteria from the list. |
To Zone | Specifies the match criteria for the destination zone for each rule. | Select the match criteria from the list. |
Source Address | Specifies the zone exceptions for the from-zone and source address for each rule. The options available are:
| Select the from-zone and source addresses/address sets from the list and do one of the following:
|
Destination Address | Specifies the zone exceptions for the to-zone and destination address for each rule. The options available are:
| Select the to-zone and destination addresses/address sets from the list and do one of the following:
|
Table 46: Clone Details
| Field | Function | Action |
|---|---|---|
Copy Policy | Displays the policy name that was created. | — |
New Policy | Specifies the new policy name. | Enter a new policy name. |