Name: ELTEX ESR Series
Brand: ELTEX
Rating: 5 (1 reviews)

To Next Page

To Previous Page

ESR-Series. User manual

413

Configure the DNS client on the ESR to allow the names of the IPS/IDS rule update sources:

esr(config)# domain lookup enable

esr(config)# domain name-server 8.8.8.8

Create IPS/IDS security policy:

esr(config)# security ips policy OFFICE

esr(config-ips-policy)# description "My Policy"

esr(config-ips-policy)# protect network-group LAN

Allow IPS/IDS operation on the bridge 1 LAN interface:

esr(config)# bridge 1

esr(config-bridge)# service-ips enable

Configure IPS/IDS parameters:

esr(config)# security ips

esr(config-ips)# logging storage-patch usb://DATA

esr(config-ips)# policy OFFICE

esr(config-ips)# enable

The device will be used only as a security gateway, for this allocate the IPS/IDS service all available resources:

esr(config-ips)# perfomance max

Configure auto-update rules from EmergingThreats.net, etnetera.cz and Abuse.ch sites

esr(config-ips)# auto-upgrade

esr(config-auto-upgrade)# user-server ET-Open

esr(config-ips-upgrade-user-server)# description «emerging threats open rules»

esr(config-ips-upgrade-user-server)# url https://rules.emergingthreats.net/open/suricata-4.0/

rules/

esr(config-ips-upgrade-user-server)# exit

esr(config-auto-upgrade)# user-server Aggressive

esr(config-ips-upgrade-user-server)# description «Etnetera aggressive IP blacklist»

esr(config-ips-upgrade-user-server)# url https://security.etnetera.cz/feeds/

etn_aggressive.rules

esr(config-ips-upgrade-user-server)# upgrade interval 4

esr(config-ips-upgrade-user-server)# exit

esr(config-auto-upgrade)# user-server SSL-BlackList

esr(config-ips-upgrade-user-server)# description «Abuse.ch SSL Blacklist»

esr(config-ips-upgrade-user-server)# url https://sslbl.abuse.ch/blacklist/sslblacklist.rules

esr(config-ips-upgrade-user-server)# upgrade interval 4

esr(config-ips-upgrade-user-server)# exit

esr(config-auto-upgrade)# user-server C2-Botnet

esr(config-ips-upgrade-user-server)# description «Abuse.ch Botnet C2 IP Blacklist»

esr(config-ips-upgrade-user-server)# url https://sslbl.abuse.ch/blacklist/sslipblacklist.rules

esr(config-ips-upgrade-user-server)# upgrade interval 4

esr(config-ips-upgrade-user-server)# exit

ELTEX ESR Series Specifications

General

Model	ESR Series
Category	Network Router
Manufacturer	ELTEX
Management	Web interface, CLI, SNMP
Operating Temperature	0°C to 40°C
Dimensions	Varies by model
Weight	Varies by model
Routing Protocols	OSPF, BGP
WAN Interfaces	Ethernet, SFP
LAN Interfaces	Ethernet, SFP
VPN Support	IPsec, L2TP, PPTP
Firewall	Stateful packet inspection, ACLs
Power over Ethernet (PoE)	Available on some models
QoS	Traffic prioritization

ELTEX ESR Series User Manual

Table of Contents

Questions and Answers:

ELTEX ESR Series Specifications

Related product manuals