Chapter 22 ADP
NXC5200 User’s Guide
344
The following table describes the fields in this screen.
Table 126
Add/Edit Profile > Traffic Anomaly
LABEL
DESCRIPTION
Name
This is the name of the ADP profile. You may use 1-31 alphanumeric
characters, underscores(
_
), or dashes (-), but the first character cannot
be a number. This value is case-sensitive. These are valid, unique profile
names:
MyProfile
mYProfile
Mymy12_3-4
These are invalid profile names:
1mYProfile
My Profile
MyProfile?
Whatalongprofilename123456789012
Scan/Flood
Detection
Sensitivity
(Scan detection only.) Select a sensitivity level so as to reduce false
positives in your network. If you choose low sensitivity, then scan
thresholds and sample times are set low, so you will have fewer logs and
false positives; however some traffic anomaly attacks may not be
detected.
If you choose high sensitivity, then scan thresholds and sample times are
set high, so most traffic anomaly attacks will be detected; however you
will have more logs and false positives.
Block
Period
Specify for how many seconds the NXC blocks all packets from being
sent to the victim (destination) of a detected anomaly attack.
Activate
To turn on an entry, select it and click Activate.
Inactivate
To turn off an entry, select it and click Inactivate.
Log
To edit an item’s log option, select it and use the Log icon. Select
whether to have the NXC generate a log (log), log and alert (log alert)
or neither (no) when traffic matches this anomaly rule.
Action
To edit what action the NXC takes when a packet matches a rule, select
the signature and use the Action icon.
none: The NXC takes no action when a packet matches the signature(s).
block: The NXC silently drops packets that matches the rule. Neither
sender nor receiver are notified.
#
This is the entry’s index number in the list.
Status
The activate (light bulb) icon is lit when the entry is active and dimmed
when the entry is inactive.
Name
This is the name of the traffic anomaly rule. Click the Name column
heading to sort in ascending or descending order according to the rule
name.