Use the Responses area of the User
Defined Events page to configure how the appliance notifies
you about your user-defined events.
About this task
Navigating in the IPS Local Management Interface:
Navigating
in SiteProtector™ Management:
select the User Defined Events policy
Procedure
- Click the Add icon.
- Click the appropriate tab in the Responses area
and set the following:
Option |
Description |
Email |
Specifies the email address that receives alerts about events. Note: If
the email address does not appear in the list, you can configure email
in .
|
Quarantine |
Specifies responses that block intruders, including worms
and Trojan horses, when the appliance detects events.Notes: - Quarantine responses work only when you
have configured the appliance to run in inline protection mode.
- If the quarantine response does not appear in the list, you can
configure quarantine responses in .
|
SNMP |
Sends an SNMP trap including pertinent information about the
event. Note: If the SNMP trap does not appear in the list, you can
configure SNMP traps in .
|
User Specified |
Specifies a user specified response. Note: If the user specified
response does not appear in the list, you can configure user-specified
responses in .
|
What to do next
On the Add User Defined Events window,
configure general settings, such as logging evidence, event throttling,
and specifying the context for your user-defined events.