Symantec 360R Administration Guide - Page 117
Enabling advanced protection settings, IP spoofing protection
 |
UPC - 037648240185
View all Symantec 360R manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 117 highlights
Preventing attacks 117 Enabling advanced protection settings ■ Block/Don't Warn Drop the packet; but do not log. You can configure the following options for enabling and disabling IDS/IPS signature detection and logging: ■ Select All to enable or disable detection of ALL signatures. ■ Enable/disable detection of each signature individually. To set protection preferences See "IDS Protection tab field descriptions" on page 205. 1 In the SGMI, in the left pane, click IDS/IPS. 2 In the right pane, on the IDS Protection tab, under IDS Signatures, from the Name drop-down list, select an IDS signature. To apply the preferences to all the signatures, click >>Select All
-
1 -
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112 -
113 -
114 -
115 -
116 -
117 -
118 -
119 -
120 -
121 -
122 -
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
 |
 |
117
Preventing attacks
Enabling advanced protection settings
■
Block/Don’t Warn
Drop the packet; but do not log.
You can configure the following options for enabling and disabling IDS/IPS
signature detection and logging:
■
Select All to enable or disable detection of ALL signatures.
■
Enable/disable detection of each signature individually.
To set protection preferences
See
“IDS Protection tab field descriptions”
on page 205.
1
In the SGMI, in the left pane, click
IDS/IPS
.
2
In the right pane, on the IDS Protection tab, under IDS Signatures, from the
Name drop-down list, select an IDS signature.
To apply the preferences to all the signatures, click
>>Select All<<
.
3
Under Protection settings, next to Action, select an action.
4
Next to Protection Area, select an interface to protect.
5
Click
Update
.
Enabling advanced protection settings
Advanced protection settings help you protect your network beyond attacks that
can be identified by atomic signatures.
IP spoofing protection
Any non-broadcast or multicast packet arriving on a WAN interface with a
source IP address that matches any internal subnet is blocked and flagged as an
IP spoofing attempt. Internal subnets are derived from the LAN side subnet
address of the appliance and the static route entries on the appliance for the
LAN interface.
Likewise, any non-broadcast or non-multicast traffic that arrives at the internal
or wireless interface with a source IP address that does not match any
predefined internal network is blocked and logged as an internal IP spoofing
attempt. Internal networks are derived from static routes on the unit and the
internal LAN/WLAN address of the unit. Spoof protection can be disabled for the
internal LANs and WAN.
To configure IP spoof protection
See
“IDS Protection tab field descriptions”
on page 205.