Use the IP Address and Port area on
the Response Filters tab to filter events that
occur on source and target IP addresses or ports.
About this task
Navigating in the IPS Local Management Interface:
Navigating
in SiteProtector™ Management:
select the Response Filters policy
Procedure
- Click the Add icon.
- Click either IPv4 or IPv6 in
the IP Version area, depending on your network.
- Configure the following options:
Option |
Description |
Source Address(es) |
Specifies the following options:- Any: Filters all IP addresses.
- Exclude: Does not filter a specific address
or a range of addresses.
Note: Do not use 0.0.0.0-255.255.255.255 as the Site range. If
you do, IP addresses are indiscriminately added to your ungrouped
assets folder, such as IP addresses from websites.
|
Target Address(es) |
Specifies the following options:- Any: Filters all IP addresses.
- Exclude: Does not filter a specific address
or a range of addresses.
Note: Do not use 0.0.0.0-255.255.255.255 as the site range. If
you do, IP addresses are indiscriminately added to your ungrouped
assets folder, such as IP addresses from websites.
|
Source Port(s) |
Specifies the following options:- Any: Filters all ports.
- Exclude: Does not filter a specific port
or a range of ports.
Note: The appliance accepts
comma-separated lists of ports and port ranges.
|
Target Port(s) |
Specifies the following options:- Any: Filters all ports.
- Exclude: Does not filter a specific port
or a range of ports.
Note: The appliance accepts
comma-separated lists of ports and port ranges.
|
What to do next
On the Add Response Filters window,
you can specify general settings and enable responses.