User's Manual 182 Document #: LTRT-27055
Mediant 1000B Gateway & E-SBC
2. Click New; the following dialog box appears:
Figure 13-7: IDS Matches Table - Add Dialog Box
The figure above shows a configuration example where the IDS Policy "SIP Trunk" is
applied to SIP Interfaces 1 and 2, and to all source IP addresses outside of subnet
10.1.0.0/16 and IP address 10.2.2.2.
3. Configure a rule according to the parameters described in the table below.
4. Click Apply, and then save your settings to flash memory.
Table 13-5: IDS Matches Table Parameter Descriptions
Parameter Description
Index
[IDSMatch_Index]
Defines an index number for the new table record.
SIP Interface ID
sip-interface
[IDSMatch_SIPInterface]
Defines the SIP Interface(s) to which you want to assign the IDS
Policy. This indicates the SIP Interfaces that are being attacked.
The valid value is the ID of the SIP Interface. The following syntax is
supported:
A comma-separated list of SIP Interface IDs (e.g., 1,3,4)
A hyphen "-" indicates a range of SIP Interfaces (e.g., 3,4-7 means
IDs 3, and 4 through 7)
A prefix of an exclamation mark "!" means negation of the set (e.g.,
!3,4-7 means all indexes excluding 3, and excluding 4 through 7)
Proxy Set ID
proxy-set
[IDSMatch_ProxySet]
Defines the Proxy Set(s) to which the IDS Policy is assigned. This
indicates the Proxy Sets from where the attacks are coming from. The
following syntax is supported:
A comma-separated list of Proxy Set IDs (e.g., 1,3,4)
A hyphen "-" indicates a range of Proxy Sets (e.g., 3,4-7 means
IDs 3, and 4 through 7)
A prefix of an exclamation mark "!" means negation of the set (e.g.,
!3,4-7 means all indexes excluding 3, and excluding 4 through 7)
Note:
Only the IP address of the Proxy Set is considered (not port).
If a Proxy Set has multiple IP addresses, the device considers the
Proxy Set as one entity and includes all its IP addresses in the
same IDS count.
To Next Page
Loading...
