Add an IDP Policy
You are here: Security Services > IPS > Policy.
To add an IDP policy:
Field |
Action |
---|---|
Policy Name |
Enter the name of the IPS policy. |
IPS Rule |
Specifies the IPS rule created. Select an option form the list:
|
Basic | |
Policy Name |
Displays the name of the IDP policy. |
Rule Name |
Enter a rule name. |
Rule Description |
Enter the description for the rule. |
Action |
Select a rule action from the list to specify the list of all the rule actions for IDP to take when the monitored traffic matches the attack objects specified in the rules. |
Application |
Specifies the list of one or multiple configured applications. Select the applications to be matched. |
Attack Type |
Specifies the attack type that you do not want the device to match in the monitored network traffic. The options available are:
Select an option from the list and click the right arrow to match an attack object or attack group to the rule. |
Category |
Select a category from the list to specify the category used for scrutinizing rules of sets. |
Severity |
Select a severity level from the list to specify the rule severity levels in logging to support better organization and presentation of log records on the log server. |
Direction |
Select a direction level from the list to specify the direction of network traffic you want the device to monitor for attacks. |
Search |
Enables you to search a specific data from the list. |
Advanced Note:
This tab is not available for Rulebase exempt. |
|
IP Action |
Specifies the action that IDP takes against future connections that use the same IP address. Select an IP action from the list. |
IP Target |
Select an IP target from the list. |
Timeout |
Specifies the number of seconds the IP action should remain effective before new sessions are initiated within that specified timeout value. Enter the timeout value, in seconds. The maximum value is 65,535 seconds. |
Log IP Action |
Select the check box to specify whether or not the log attacks are enabled to create a log record that appears in the log viewer. |
Enable Attack Logging |
Select the check box to specify whether or not the configuring attack logging alert is enabled. |
Set Alert Flag |
Select the check box to specify whether or not an alert flag is set. |
Severity |
Select an option from the list to specify the rule severity level. |
Terminal |
Select the check box to specify whether or not the terminal rule flag is set. |
Match | |
From Zone |
Select the match criteria for the source zone for each rule. |
To Zone |
Select the match criteria for the destination zone for each rule. |
Source Address |
Select the zone exceptions for the from-zone and source address for each rule. The options available are:
|
Destination Address |
Select the zone exceptions for the to-zone and destination address for each rule. The options available are:
|