Chapter 22 ADP
NXC5200 User’s Guide
348
Action
To edit what action the NXC takes when a packet matches a signature,
select the signature and use the Action icon.
original setting: Select this action to return each signature in a service
group to its previously saved configuration.
none: Select this action on an individual signature or a complete service
group to have the NXC take no action when a packet matches a rule.
drop: Select this action on an individual signature or a complete service
group to have the NXC silently drop a packet that matches a rule. Neither
sender nor receiver are notified.
reject-sender: Select this action on an individual signature or a
complete service group to have the NXC send a reset to the sender when
a packet matches the signature. If it is a TCP attack packet, the NXC will
send a packet with a ‘RST’ flag. If it is an ICMP or UDP attack packet, the
NXC will send an ICMP unreachable packet.
reject-receiver: Select this action on an individual signature or a
complete service group to have the NXC send a reset to the receiver when
a packet matches the rule. If it is a TCP attack packet, the NXC will send a
packet with an a ‘RST’ flag. If it is an ICMP or UDP attack packet, the NXC
will do nothing.
reject-both: Select this action on an individual signature or a complete
service group to have the NXC send a reset to both the sender and
receiver when a packet matches the rule. If it is a TCP attack packet, the
NXC will send a packet with a ‘RST’ flag to the receiver and sender. If it is
an ICMP or UDP attack packet, the NXC will send an ICMP unreachable
packet.
#
This is the entry’s index number in the list.
Status
The activate (light bulb) icon is lit when the entry is active and dimmed
when the entry is inactive.
Name
This is the name of the protocol anomaly rule. Click the Name column
heading to sort in ascending or descending order according to the
protocol anomaly rule name.
Activation
Click the icon to enable or disable a rule or group of rules.
Log
These are the log options. To edit this, select an item and use the Log
icon.
Action
This is the action the NXC should take when a packet matches a rule. To
edit this, select an item and use the Action icon.
Log
Select whether to have the NXC generate a log (log), log and alert (log
alert) or neither (no) when traffic matches this anomaly rule.
Action
Select what the NXC should do when a packet matches a rule.
none: The NXC takes no action when a packet matches the signature(s).
block: The NXC silently drops packets that matches the rule. Neither
sender nor receiver are notified.
OK
Click OK to save your settings to the NXC, complete the profile and return
to the profile summary page.
Table 127
Add/Edit Profile > Protocol Anomaly (continued)
LABEL
DESCRIPTION