Chapter 21 IDP
NXC5200 User’s Guide
318
Severity
Search for signatures by severity level(s). Hold down the [Ctrl] key if
you want to make multiple selections.
These are the severities as defined in the NXC. The number in brackets
is the number you use if using commands.
Severe (5): These denote attacks that try to run arbitrary code or gain
system privileges.
High (4): These denote known serious vulnerabilities or attacks that are
probably not false alarms.
Medium (3): These denote medium threats, access control attacks or
attacks that could be false alarms.
Low (2): These denote mild threats or attacks that could be false
alarms.
Very-Low (1): These denote possible attacks caused by traffic such as
Ping, trace route, ICMP queries etc.
Attack Type
Search for signatures by attack type(s). Attack types are known as
policy types in the group view screen. Hold down the [Ctrl] key if you
want to make multiple selections.
Platform
Search for signatures created to prevent intrusions targeting specific
operating system(s). Hold down the [Ctrl] key if you want to make
multiple selections.
Service
Search for signatures by IDP service group(s). Hold down the [Ctrl] key
if you want to make multiple selections.
Action
Search for signatures by the response the NXC takes when a packet
matches a signature. Hold down the [Ctrl] key if you want to make
multiple selections.
Activation
Search for activated and/or inactivated signatures here.
Log
Search for signatures by log option here.
Search
Click this button to begin the search. The results display at the bottom
of the screen. Results may be spread over several pages depending on
how broad the search criteria selected were. The tighter the criteria
selected, the fewer the signatures returned.
Query Result
The results are displayed in a table showing the SID, Name, Severity,
Attack Type, Platform, Service, Activation, Log, and Action criteria
as selected in the search. Click the SID column header to sort search
results by signature ID.
OK
Click OK to save your settings to the NXC, complete the profile and
return to the profile summary page.
Cancel
Click Cancel to return to the profile summary page without saving any
changes.
Save
Click Save to save the configuration to the NXC, but remain in the same
page. You may then go to the another profile screen (tab) in order to
complete the profile. Click OK in the final profile screen to complete the
profile.
Table 118
Configuration > Anti-X > IDP > Edit Profile (continued)
LABEL
DESCRIPTION