Firewall Protection
174
ProSecure Unified Threat Management (UTM) Appliance
2. In the Enabled column for each section, either select individual attacks by selecting the
check boxes to the left of the names, or select all attacks for that category by selecting the
top leftmost check box to the left of All web attacks.
3. In the Action column for each section, either select the actions for individual attacks by
making selections from the drop-down lists to the right of the names, or select a global action
for all attacks for that category by making a selection from the top drop-down list. Some of
the less familiar web and miscellaneous attacks are explained in the following table.
The drop-down lists let you select one of the following actions:
• Alert. When an attack occurs, an alert is logged but the traffic that carries the attack is
not dropped.
• Drop. The traffic that carries the attack is dropped, and an alert is logged.
4. Click Apply to save your settings.
Note: To ensure that alerts are emailed to an administrator, you need to
configure the email notification server (see Configure the Email
Notification Server on page 422) and the IPS alerts (see Configure
and Activate Update Failure and Attack Alerts on page 429).
Table 37. IPS: uncommon attack names
Attack Name Description
Web
web-misc Detects some specific web attack tools, such as the fingerprinting tool and the
password-cracking tool.
web-attacks Detects the web attacks that cannot be placed under other web categories,
such as DoS and overflow attacks against specific web services. These web
services include IMail Web Calendaring, ZixForum, ScozNet, ScozNews, and
other services.
inappropriate Detects traffic that involves visiting pornographic websites.
Misc
policy Detects traffic that violates common policies, such as traffic that flows because
of certain network installer applications, and traffic that flows when Google
SafeSearch is turned off.
misc Detects the web attacks that cannot be placed in other categories, such as
attacks specifically against SNMP or DNS.
To Next Page
Loading...
Need help?
General
