•
•
•
•
Step Description Command Keys
14 Connect the desired
category.
esr (config-ips-vendor)# category
WORD(1-64)
Phishing URL Data Feed – Phishing URL
data streams
Malicious URL Data Feed – Malicious URL
data streams
Botnet C&C URL Data Feed – Botnet C&C
URL data streams
Malicious Hash Data Feed – Malicious
Hashes data streams
Mobile Malicious Hash Data Feed – mobile
Malicious Hashes data streams
IP Reputation Data Feed – IP address data
streams
Mobile Botnet Data Feed – mobile Botnet
data streams
Ransomware URL Data Feed – Ransomware
URL data stream
Botnet C&C URL Exact Data Feed – Botnet
C&C URL Exact data stream
Phishing URL Exact Data Feed – Phishing
URL Exact data stream
Malicious URL Exact Data Feed – Malicious
URL Exact data stream
Iot URL Data Feed – IoT URL data stream
15 Specify rule type. esr (config-ips-vendor-category)# rules
action <ACTION>
<ACTION> - drop | reject | alert | pass –
actions to be applied to packages.
alert – traffic is allowed and the IPS/
IDS service generates a message;
reject – traffic is prohibited. If it is
TCP traffic, a TCP-RESET packet is
sent to the sender and recepient, for
the rest of the traffic type, an ICMP-
ERROR packet is sent. IPS/IDS
service generates a message;
pass – traffic transfer is permitted;
drop – traffic is prohibited and the
IPS/IDS service generates a
message.
16 Set the number of
downloadable rules.
esr (config-ips-vendor-category)# rules
count <number>
<number>
To Next Page
Loading...
