BSD | Linux | MacOS |
Other | Solaris | Windows |
Adobe | Apache | Apple |
CGI_app | Cisco | HP |
IBM | IE | IIS |
Mozilla | MS_Office | Novel |
Oracle | PHP_app | Sun |
ASP_app | CA | DB2 |
IM | Ipswitch | MailEnable |
MediaPlayer | MS_Exchange | MSSQL |
MySQL | Netscape | P2P |
PostgreSQL | Real | Samba |
SAP | SCADA | Sendmail |
Veritas | Winamp | Other |
DNS | FTP | HTTP |
ICMP | IMAP | LDAP |
POP3 | SCCP | SIP |
SMTP | SNMP | SSH |
SSL | TCP | UDP |
BO | DCERPC | DHCP |
DNP3 | H323 | IM |
MSSQL | NBSS | NNTP |
P2P | RADIUS | RDT |
RPC | TRCP | RTP |
RTSP | TELNET | TFN |
Other |
Action | Description |
Signature Default | All predefined signatures have an Action attribute that is set to Pass or Drop. This means that if a signature included in the filter has an Action setting of Pass, traffic matching the signature will be detected and then allowed to continue to its destination. Select Accept signature defaults use the default action for each included signature. Note: to see what the default for a signature is, go to the IPS Signatures page and enable the column Action, then find the row with the signature name in it. |
Monitor All | Select Monitor all to pass all traffic matching the signatures included in the filter, regardless of their default Action setting. |
Block All | Select Block all to drop traffic matching any the signatures included in the filter. |
Reset | Select Reset to reset the session whenever the signature is triggered. In the CLI this action is referred to as Reject. |
Quarantine | The quarantine based on the attacker’s IP Address - Traffic from the Attacker’s IP address is refused until the expiration time from the trigger is reached. 2. Expires (time frame that the quarantine will be in effect): • 5 Minute(s) • 30 Minutes(s) • 1 Hour(s) • 1 Day(s) • 1 Week(s) • 1 Month(s) |
Packet Logging | Select to enable packet logging for the filter. When you enable packet logging on a filter, the unit saves a copy of the packets that match any signatures included in the filter. The packets can be analyzed later. For more information about packet filtering, see “Configuring packet logging options” |