Use the Responses area on the Response
Filters tab to configure how the appliance notifies you
about events triggered by your filters.
About this task
Navigating in the IPS Local Management Interface:
Navigating
in SiteProtector™ Management:
select the Response Filters policy
Procedure
- Click the Add icon.
- Click the appropriate tab in the Responses area
and configure the following options:
Option |
Description |
Email |
Specifies the email address that receives alerts about events. Note: If
the email address is not in the list, you can configure email in .
|
Quarantine |
Specifies responses that block intruders, including worms
and Trojan horses, when the appliance detects events.Notes: - Quarantine responses work in only inline protection mode.
- If the quarantine response is not in the list, you can configure
quarantine responses in .
|
SNMP |
Sends an SNMP trap including pertinent information about the
event. Note: If the SNMP trap is not in the list, you can configure
SNMP traps in .
|
User Specified |
Specifies a user-specified response to connection events. Note: If
the user-specified response is not in the list, you can configure
user-specified responses in .
|
What to do next
On the Add Response Filters window,
you can set general settings and configure IP address and ports for
filtering events.