Use the OpenSignatures page to write
pattern-matching signatures that detect specific threats for your Network
IPS appliance.
About this task
Navigating in IPS Local Management Interface:
Navigating
in SiteProtector™ Management:
select the OpenSignature Events policy
Procedure
- Click the Add icon.
- Set the following:
Option |
Description |
Enabled |
Enables the rule. |
Comment |
Specifies a unique description for the rule. |
Rule String |
Specifies the criteria the appliance monitors for as it inspects
traffic that could trigger the OpenSignature event. |
- Click OK.
- (Optional) Select the rule and click the Up or Down arrows
to place the rule in the order you want it to process.
What to do next
For OpenSignatures to work, you must enable the OpenSignatures
parser on the
Tuning Parameters page. See
OpenSignature tuning parameters.