Version 7.0 183 Mediant 3000
User's Manual 14. Security
14.3.3 Assigning IDS Policies
The IDS Match table lets you implement your configured IDS Policies. You do this by
assigning IDS Policies to any, or a combination of, the following configuration entities:
SIP Interface: For detection of malicious attacks on specific SIP Interface(s). For
configuring SIP Interfaces, see ''Configuring SIP Interfaces'' on page
337.
Proxy Sets: For detection of malicious attacks from specified Proxy Set(s). For
configuring Proxy Sets, see ''Configuring Proxy Sets'' on page
355.
Subnet addresses: For detection of malicious attacks from specified subnet
addresses.
You can configure up to 20 IDS Policy-Matching rules.
To configure an IDS Policy-Matching rule:
1. Open the IDS Match table (Configuration tab > VoIP menu > Security > Intrusion
Detection and Prevention > Match Table).
2. Click Add; the following dialog box appears:
Figure 14-7: IDS Match Table - Add Row Dialog Box
The figure above shows a configuration example where the IDS Policy "SIP Trunk" is
applied to SIP Interfaces 1 and 2, and all source IP addresses outside of subnet
10.1.0.0/16 and IP address 10.2.2.2.
3. Configure a rule according to the parameters described in the table below.
4. Click Add, and then save ("burn") your settings to flash memory.
Table 14-5: IDS Match Table Parameter Descriptions
Parameter Description
Index
[IDSMatch_Index]
Defines an index number for the new table record.
SIP Interface ID
[IDSMatch_SIPInterface]
Defines the SIP Interface(s) to which you want to assign the IDS
Policy. This indicates the SIP Interfaces that are being attacked.
The valid value is the ID of the SIP Interface. The following syntax is
supported:
A comma-separated list of SIP Interface IDs (e.g., 1,3,4)
A hyphen "-" indicates a range of SIP Interfaces (e.g., 3,4-7 means
IDs 3, and 4 through 7)
A prefix of an exclamation mark "!" means negation of the set (e.g.,
To Next Page
Loading...
Need help?
General
