Filter
Top Products
Chapter 6 Device Security Settings
Vantage CNM User’s Guide
165
6.9.6 Protocol Anomaly
This section introduces ADP (Anomaly Detection and Prevention). An ADP system protects
against anomalies based on violations of protocol standards (RFCs – Requests for Comments)
and abnormal flows such as port scans. Protocol anomaly detection includes HTTP Inspection,
TCP Decoder, UDP Decoder and ICMP Decoder. Protocol anomaly rules may be updated
when you upload new firmware.
To open this screen, click Device Operation in the menu bar, select a device, then click
Device Configuration > Security > IDP > Anomaly.
Figure 76 Device Operation > Device Configuration > Security > IDP > Anomaly
Alert You can only edit the Alert check box when the corresponding Log check box is
selected.
Select this check box to have an e-mail sent when a match is found for a
signature.
Select the check box in the heading row to automatically select all check boxes or
clear it to clear all entries on the current page.
Alternatively, you may select or clear individual entries. The check box becomes
gray when you select the check box.
If you edited any of the check boxes in this column on the current page, use the
check box in the heading row to switch between the settings (last partial edited, all
selected and all cleared).
Action You can change the default signature action here. See Table 64 on page 161 for
more details on actions.
Apply Click this button to save your changes back to the device.
Reset Click this button to begin configuring this screen afresh.
Table 66 Device Operation > Device Configuration > Security > IDP > Signature (Query
View) (continued)
LABEL DESCRIPTION