In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-31 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
License application:
admin@SRX3600> request system license update trial
Updating signature library requires DNS configuration, correct time configuration, download URL
security {
idp {
security-package {
url https://services.netscreen.com/cgi-bin/index.cgi;
}
}
You need to update the signature library before completing the global configuration
1. Download Feature Library
admin@SRX3600> request security idp security-package download
2. Update
admin@SRX3600> request security idp security-package install
IPS configuration method:
Rules corresponding to IDP: (Global)
set security idp idp-policy IDP_Default rulebase-ips rule 1 match from-zone any
set security idp idp-policy IDP_Default rulebase-ips rule 1 match source-address any
set security idp idp-policy IDP_Default rulebase-ips rule 1 match to-zone any
set security idp idp-policy IDP_Default rulebase-ips rule 1 match destination-address any
set security idp idp-policy IDP_Default rulebase-ips rule 1 match application default
set security idp idp-policy IDP_Default rulebase-ips rule 1 match attacks predefined-attack-groups "Critical - IP"
set security idp idp-policy IDP_Default rulebase-ips rule 1 match attacks predefined-attack-groups "Critical - TCP"
set security idp idp-policy IDP_Default rulebase-ips rule 1 match attacks predefined-attack-groups "Major - TCP"
set security idp idp-policy IDP_Default rulebase-ips rule 1 match attacks predefined-attack-groups "Major - IP"
set security idp idp-policy IDP_Default rulebase-ips rule 1 then action no-action
set security idp idp-policy IDP_Default rulebase-ips rule 1 then notification log-attacks alert
set security idp active-policy IDP_Default
Called in a specific policy, for example:
set security policies from-zone trust to-zone untrust policy t-u-1 match source-address any
set security policies from-zone trust to-zone untrust policy t-u-1 match destination-address any
set security policies from-zone trust to-zone untrust policy t-u-1 then permit application-services idp
Log View:
If you view IDP logs directly in the device, you need to do two steps:
1、
security {
log {
mode event;
event-rate 1500;
}
}
Log forwarding from data-plane to control-plane
2. Add IDP_log file to record IDP information
set system syslog file IDP_log any any
set system syslog file IDP_log match RT_IDP
set system syslog file IDP_log archive size 10m
set system syslog file IDP_log archive files 10
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
