Filter
Top Products
Chapter 6 Device Security Settings
Vantage CNM User’s Guide
158
6.9 IDP Signatures
The rules that define how to identify and respond to intrusions are called “signatures”. Click
Device Operation > Device Configuration > Security > IDP > Signature to see the device’s
signatures.
6.9.1 Attack Types
In the Device Operation > Configuration > Security > IDP > Signature screen, the Attack
Type list box displays all intrusion types supported by the device. Other covers all intrusion
types not covered by other types listed.
To see signatures for a specific intrusion type, select that type from the Attack Type list box.
From, To Select the check box to apply IDP to packets based on the direction of travel.
Select or clear a row or column’s first check box (with the interface label) to
select or clear the interface’s whole row or column.
For example, From LAN To LAN means packets traveling from a computer on
one LAN subnet to a computer on another LAN subnet on the LAN interface of
the device or the device itself. The device does not check packets traveling from
a LAN computer to another LAN computer on the same subnet.
From VPN means traffic that came into the device through a VPN tunnel and is
going to the selected “to” interface. For example, From VPN To LAN specifies
the VPN traffic that is going to the LAN or terminating at the device’s LAN
interface. The device checks the traffic after decrypting it.
To VPN is traffic that comes in through the selected “from” interface and goes
out through any VPN tunnel. For example, From LAN To VPN specifies the
traffic that is coming from the LAN and going out through a VPN tunnel. The
device checks the traffic before encrypting it.
From VPN To VPN means traffic that comes in through a VPN tunnel and goes
out through (another) VPN tunnel or terminates at the device. This is the case
when the device is the hub in a hub-and-spoke VPN. This is also the case if you
allow someone to use a service (like Telnet or HTTP) through a VPN tunnel to
manage the device. The device checks the traffic after decrypting it (before
encrypting it again).
Note: The VPN connection directions apply to the traffic going to
or from the device’s VPN tunnels. They do not apply to
other VPN traffic for which the device is not one of the
gateways (VPN pass-through traffic).
Apply Click this button to save your changes back to the device.
Reset Click this button to begin configuring this screen afresh.
Table 61 Device Operation > Device Configuration > Security > IDP > General (continued)
LABEL DESCRIPTION