ESR series service routers.ESR-Series. User manual
•
•
Step Description Command Keys
14 Use all ESR resources for IPS/
IDS (optional).
esr(config-ips)# perfomance
max
By default, half of the available
processor cores are allocated for IPS/
IDS.
15 Set remote server parameters
for sending IPS/IDS service
statistics in EVE format
(elasticsearch) (optional).
esr(config-ips)# logging remote-
server { <ADDR> | <IPV6-ADDR> }
[ <TRANSPORT> ] [ <PORT> ]
[ source-address { <SRC-ADDR> |
<IPV6-SRC-ADDR> } ]
<ADDR> – sender IP address, defined
as AAA.BBB.CCC.DDD where each
part takes values of [0..255];
<IPV6-ADDR> – IPv6 address, defined
as X:X:X:X::X where each part takes
values in hexadecimal format
[0..FFFF];
<TRANSPORT> – data transfer
protocol, by default is UDP, takes the
following values:
TCP – data transfer via TCP;
UDP – data transfer via UDP.
<PORT> – number of sender TCP/UDP
port, takes values of [1..65535], by
default is 514;
<SRC-ADDR> –IPv4 address of the
router that will be used as the source
IP address in the sent syslog packets.
By default – the IPv4 address of the
interface from which the packets are
sent;
<IPV6-SRC-ADDR> – IPv6 address of
the router that will be used as the
source IP address in the sent syslog
packets. By default – the IPv6 address
of the interface from which the
packets are sent.
16 Set the interval for sending IPS/
IDS service statistics in EVE
(elasticsearch) format
(optional).
esr(config-ips)# logging update-
interval <INTERVAL>
<INTERVAL> –IPS/IDS service
statistics sending interval, set in
minutes.
17 Enable IPS/IDS. esr(config-ips )# enable
18 Enable IPS/IDS on the interface. esr(config-if-gi)# service-ips
enable
19 Specify a name and enter the
configuration mode of the set of
user rules.
esr(config)# security ips-
category user-defined <WORD>
<WORD> – user rule set name, set by
the string of up to 32 characters.
To Next Page
Loading...