Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Identity and Access Contexts

These attack objects and groups are designed to detect known attack patterns and protocol anomalies within the network traffic. You can configure attack objects and groups for identity and access as match conditions in IDP policy rules.

Service Contexts: LDAP

The table displays the security context details for LDAP:

Table 1: Service Contexts: LDAP

Context and Direction

Description

Example of Contexts

ldap-abandon-request (CTS)

Matches the entire Abandon Request message.

ldap-add-request (CTS)

Matches the entire Add Request message.

ldap-add- request-attribute (CTS)

Matches each attribute in an Add Request message. The values are NULL delimited and the type, and values are newline delimited.

ldap-add- request-attributetype (CTS)

Matches the type each attribute in an Add Request message.

ldap-add-request- attributevalue (CTS)

Matches the value of each attribute in an Add Request message.

ldap-add- request-entry (CTS)

Matches the object in an Add Request message.

ldap-bind- request (CTS)

Matches the entire LDAP Bind Request message.

ldap-bind- request-authentication (CTS)

Matches the authentication information in a Bind Request message including the 1-byte type.

ldap-bind- request-ldapDN (CTS)

Matches the name of the directory object to which the client wants to bind.

ldap-bind- request-version (CTS)

Matches the LDAP version in a Bind Request message.

ldap-compare-request (CTS)

Matches the entire Compare Request message.

ldap-compare-request- assertionvalue (CTS)

Matches the value against which the attribute value is compared in a Compare Request message.

ldap-compare-request- attributedesc (CTS)

Matches the attribute type of an entry in a Compare Request message.

ldap-compare-request- entry (CTS)

Matches the entry of the DN to be compared in a Compare Request message.

ldap-delete- request (CTS)

Matches the entire Delete Request message.

ldap-extended-request (CTS)

Matches the entire Extended Request message.

ldap-extended-request- requestName (CTS)

Matches the request name in the Extended Request message.

ldap-extended-request- requestValue (CTS)

Matches the request value in the Extended Request message.

ldap-extended-response- response (STC)

Matches the response field in the Extended Request message.

ldap-extended-response- responseName (STC)

Matches the response name in the Extended Response message.

ldap-modify-request (CTS)

Matches the entire Modify Request message.

ldap-modify- request-attribute (CTS)

Matches each attribute in a Modify Request message including the 1-byte modify operation. The values are NULL delimited, and the type and values are newline delimited.

ldap-modify- request-attributetype (CTS)

Matches each attribute type in a Modify Request message.

ldap-modify- request-attributevalue (CTS)

Matches each attribute value in a Modify Request message.

ldap-modify- request-object (CTS)

Matches the object in the Modify Request message.

ldap- modifyDN-request (CTS)

Matches the entire Modify-DN Request message.

ldap- modifyDN-request- entry (CTS)

Matches the DN of the entry in a Modify-DN Request message.

ldap- modifyDN-request- newRDN (CTS)

Matches the new DN that replaces the old DN in a Modify-DN Request message.

ldap- modifyDN-request- newsuperior (CTS)

Matches the new DN that becomes the parent of the existing DN entry in a Modify-DN Request message.

ldap-result (STC)

Matches the entire Result message, including the 1-byte response type.

ldap-result- errorMessage (STC)

Matches the error message in the result.

ldap-result- matchedDN (STC)

Matches the base object in the Result message, including the 1-byte tag.

ldap-result- referral (STC)

Matches each referral URL in the result.

ldap-search- request (CTS)

Matches the entire LDAP Search Request message.

ldap-search-request-attribute (CTS)

Matches each attribute in a Search Request message.

ldap-search-request-attributelist (CTS)

Matches all the attributes in a Search Request message.

ldap-search-request-baseObject (CTS)

Matches the base object entry against which the search is performed. This includes the 1-byte scope, which can represent baseObject, singleLevel or wholeSubtree.

ldap-search-request-filter (CTS)

Matches the contents of the search filter.

ldap-search- request-sizeLimit (CTS)

Matches the sizeLimit field of the search request.

ldap-search- request-timeLimit (CTS)

Matches the timeLimit field of the search request.

ldap-search- resentry (STC)

Matches the entire Search Result message.

ldap-search- resentry-attribute (STC)

Matches each attribute in the search result. The values are NULL delimited, and the type and value list are newline delimited.

ldap-search- resentry-attributetype (STC)

Matches each attribute type in the search result.

ldap-search- resentry-attributevalue (STC)

Matches each attribute value in the search result.

ldap-search- resentry-objectname (STC)

Matches the base object of the search result.

ldap-search- resref (STC)

Matches the entire Search Result Reference message.

ldap-search- resref-referral (STC)

Matches each referral URL in the Search Result Reference message.

Service Contexts: Radius

The table displays the security context details for Radius:

Table 2: Service Contexts: RADIUS

Context and Direction

Description

Example of Contexts

radius-access-accept (STC)

Matches the attribute fields of a RADIUS Access-Accept message.

radius-access-challenge (STC)

Matches the attribute fields of a RADIUS Access-Challenge message.

radius-access-reject (STC)

Matches the attribute fields of a RADIUS Access-Reject message.

radius-access-request (CTS)

Matches the attribute fields of a RADIUS Access-Request message.

radius-acct-request (CTS)

Matches the attribute fields of a RADIUS Accounting-Request message.

radius-acct-response (STC)

Matches the attribute fields of a RADIUS Accounting-Response message.

radius-attr- acct-multi-session-id (CTS)

Matches the value of an Account-Multi-Session-Id attribute.

radius-attr- acct-session-id (CTS)

Matches the value of an Account-Session-Id attribute.

radius-attr- acct-tunnel-connection (CTS)

Matches the value of an Account-Tunnel-Connection attribute.

radius-attr- arap-features (STC)

Matches the value of an ARAP-Features attribute.

radius-attr- arap-password (CTS)

Matches the value of an ARAP-Password attribute.

radius-attr- arap-security-data (ANY)

Matches the value of an ARAP-Security-Data attribute.

radius-attr- callback-number (ANY)

Matches the value of a Callback-Number attribute.

radius-attr- called-station-id (CTS)

Matches the value of a Caller-Station-Id attribute.

radius-attr- calling-station-id (CTS)

Matches the value of a Calling-Station-Id attribute.

radius-attr- chap-challenge (CTS)

Matches the value of a Chap-Challenge attribute.

radius-attr- chap-password (CTS)

Matches the value of a Chap-Password attribute.

radius-attr- configuration-token (STC)

Matches the value of a Configuration-Token attribute.

radius-attr- connect-info (CTS)

Matches the value of a Connect-Info attribute.

radius-attr- eap-message (ANY)

Matches the value of an EAP-Message attribute.

radius-attr- filter-id (ANY)

Matches the value of a Filter-Id attribute.

radius-attr- framed-appletalk-zone (ANY)

Matches the value of a Framed-Appletalk-Zone attribute.

radius-attr- framed-pool (STC)

Matches the value of a Framed-Pool attribute.

radius-attr- framed-route (ANY)

Matches the value of a Framed-Route attribute.

radius-attr- login-lat-group (ANY)

Matches the value of a Login-LAT-Group attribute.

radius-attr- login-lat-node (ANY)

Matches the value of a Login-LAT-Node attribute.

radius-attr- login-lat-port (ANY)

Matches the value of a Login-LAT-Port attribute.

radius-attr- login-lat-service (ANY)

Matches the value of a Login-LAT-Service attribute.

radius-attr- message-authenticator (ANY)

Matches the value of a Message-Authenticator attribute.

radius-attr- nas-identifier (CTS)

Matches the value of a NAS-Identifier attribute.

radius-attr- nas-port-id (CTS)

Matches the value of a NAS-Port-Id attribute.

radius-attr- proxy-state (ANY)

Matches the value of a Proxy-State attribute.

radius-attr- reply-message (STC)

Matches the value of a Reply-Message attribute.

radius-attr- state (ANY)

Matches the value of a State attribute

radius-attr- tunnel-assignment-id (ANY)

Matches the value of a Tunnel-Assignemnt-Id attribute.

radius-attr- tunnel-client-auth-id (ANY)

Matche the value of a Tunnel-Client-Auth-Id attribute

radius-attr- tunnel-client-endpoint (ANY)

Matches the value of a Tunnel-Client-Endpoint attribute.

radius-attr- tunnel-password (STC)

Matches the value of a Tunnel-Password attribute.

radius-attr- tunnel-private-group-id (ANY)

Matches the value of a Tunnel-Private-Group-Id attribute.

radius-attr- tunnel-server-auth-id (ANY)

Matches the value of a Tunnel-Server-Auth-Id attribute.

radius-attr- tunnel-server-endpoint (ANY)

Matches the value of a Tunnel-Server-Endpoint attribute.

radius-attr- user-name (ANY)

Matches the value of a User-Name attribute.

radius-attr- user-password (CTS)

Matches the value of a User-Password attribute.

radius-attr- vendor-specific (ANY)

Matches the value of a Vendor-Specific attribute.

radius-attribute (ANY)

Matches any RADIUS attribute, including the type, length and value.