EasyManua.ls Logo

ELTEX ESR-21 - Basic User Rules Configuration Algorithm

Default Icon
650 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
ESR series service routers.ESR-Series. User manual
485
The device will be used only as a security gateway, for this allocate the IPS/IDS service all available resources:
esr(config-ips)# perfomance max
Configure autoupdate rules from EmergingThreats.net, etnetera.cz and Abuse.ch sites
esr(config-ips)# auto-upgrade
esr(config-auto-upgrade)# user-server ET-Open
esr(config-ips-upgrade-user-server)# description "emerging threats open rules"
esr(config-ips-upgrade-user-server)# url https://rules.emergingthreats.net/open/suricata-4.0/
emerging-all.rules
esr(config-ips-upgrade-user-server)# exit
esr(config-auto-upgrade)# user-server Aggressive
esr(config-ips-upgrade-user-server)# description "Etnetera aggressive IP blacklist"
esr(config-ips-upgrade-user-server)# url https://security.etnetera.cz/feeds/
etn_aggressive.rules
esr(config-ips-upgrade-user-server)# upgrade interval 4
esr(config-ips-upgrade-user-server)# exit
esr(config-auto-upgrade)# user-server SSL-BlackList
esr(config-ips-upgrade-user-server)# description "Abuse.ch SSL Blacklist"
esr(config-ips-upgrade-user-server)# url https://sslbl.abuse.ch/blacklist/sslblacklist.rules
esr(config-ips-upgrade-user-server)# upgrade interval 4
esr(config-ips-upgrade-user-server)# exit
esr(config-auto-upgrade)# user-server C2-Botnet
esr(config-ips-upgrade-user-server)# description "Abuse.ch Botnet C2 IP Blacklist"
esr(config-ips-upgrade-user-server)# url https://sslbl.abuse.ch/blacklist/sslipblacklist.rules
esr(config-ips-upgrade-user-server)# upgrade interval 4
esr(config-ips-upgrade-user-server)# exit
13.6.5 Basic user rules configuration algorithm
Step Description Command Keys
1 Specify a name and enter the
configuration mode of the set of user
rules.
esr(config)# security ips-category
user-defined <WORD>
<WORD> – user rule set name,
set by the string of up to 32
characters.
2 Define a description of a set of user
rules (optional).
esr(config-ips-category)#
description <DESCRIPTION>
<DESCRIPTION> – description,
set by the string of up to 255
characters.
3 Create a rule and switch to its
configuration mode.
esr(config-ips-category)# rule
<ORDER>
<ORDER> – rule number, takes
values of [1..512].
4 Specify rule description (optional). esr(config-ips-category-rule)#
description <DESCRIPTION>
<DESCRIPTION> – description,
set by the string of up to 255
characters.

Table of Contents

Related product manuals