Use Response Tuning on the Network
IPS appliance
to configure quarantine rules, to set responses to events, to tune
responses in your security policies with response filters, and to
configure rolling packet capture settings.
Configuring quarantine rules
Use the Quarantine Rules page on your Network
IPS appliance
to add new rules and to view rules that are dynamically generated
in response to detected intruder events. These rules prevent worms
from spreading and deny access to systems that are infected with back
doors or Trojan horses.
Configuring responses Responses determine how the appliance
will notify you when it detects an intrusion or other important event.
Create responses and then apply them to events as necessary.
Configuring response filters
Use Response Filters on your Network
IPS appliance
to control response numbers, PAM parameters, and how the appliance
responds to events that are triggered by PAM parameters.
Configuring rolling packet capture settings
Use the Rolling Packet Capture Settings page
on your Network
IPS appliance
to configure how the appliance captures and stores network packet
information. Use the files recorded by this feature and the log evidence
feature for forensic research and troubleshooting.
Configuring the firewall
Use Firewall Rules on your Network
IPS appliance
to configure rules that drop or block attacks before they enter the
network.