Cisco SA520-K9 Administration Guide - Page 134
Configuring Peer-to-Peer Blocking and Instant Messaging, IPS > IM and P2P Blocking, Options
UPC - 882658266744
View all Cisco SA520-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 134 highlights
Intrusion Prevention System Configuring Peer-to-Peer Blocking and Instant Messaging 5 Configuring Peer-to-Peer Blocking and Instant Messaging You can configure the appliance to block Peer-to-Peer (P2P) and Instant Message (IM) traffic on the security appliance. From the IM and P2P blocking page, you can specify what type of P2P and IM applications (such as Gnutella, BitTorrent, AOL, or Yahoo) are blocked. STEP 1 Click IPS > IM and P2P Blocking. STEP 2 Choose the inspection settings for each category or for each signature within each category. • To select an inspection setting for an IPS category, click an option in the category heading row. • To expand the signatures under a category, click the + button next to the category heading. To hide the signatures, click the - button. • To select an inspection setting for an individual signature, click an option in the entry row for that signature. Options: • Disabled: Choose this option to disable checking for this service. • Detect Only: Choose this option to check for attacks on this service and to log a message upon detection.This option is mostly used for troubleshooting purposes • Detect and Prevent: Choose this option to check for and prevent attacks for this service. Upon detection, a message is logged and a preventative action is taken. For IPS messages to be logged, you must configure IPS as the facility. For more information, see Logs Facility and Severity, page 189 STEP 3 Click Apply to save your settings. Cisco SA500 Series Security Appliances Administration Guide 134