Configuring IP addresses and ports for quarantine rules

Use the IP Address and Port area to block events that are occurring on source and target IP addresses or ports.

About this task

Navigating in the IPS Local Management Interface: Secure Protection Settings > Response Tuning > Quarantine Rules

Note: You cannot apply quarantine rules to all traffic. You must specify a setting for at least one of the following options in order for the appliance to save the quarantine rule:
  • Protocol name
  • VLAN
  • Source address
  • Target address
  • Source port
  • Target port
The quarantine rule is invalid if you set all the previous options to Any.

Procedure

  1. Click the Add icon.
  2. Click either IPv4 or IPv6 in the IP Version area, depending on your network.
  3. Configure the following options:
    Option Description
    Source Address Specifies Any to block all IP addresses or a specific address.
    Target Address Specifies Any to block all IP addresses or a specific address.
    Source Port(s) Specifies Any to block all ports or a specific port.
    Target Port(s) Specifies Any to block all ports or a specific port.

What to do next

On the Add Quarantine Rules window, you can specify general settings such as VLAN tags and protocol types.