McAfee M-1250 IPS Configuration Guide - Page 44
Severity, Sensor Response, Enable Alert, Response > Logging, Notifications, Sensor Actions, Logging - review
View all McAfee M-1250 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 44 highlights
McAfee® Network Security Platform 5.1 Managing IPS settings 4 (Optional) Select the Severity for all selected attacks from the drop-down list. If there are multiple attacks with different severities, respectively, this action assigns the same severity across all selected attacks. 5 In the Sensor Response area, by default, the Enable Alert checkbox is empty. However, all attacks marked as "Enabled" in the "Configure Attack Detail for Attack Category: " table remain enabled. Note that the Response > Logging sub-tab as well as the Notifications area are unavailable for configuration: these areas become available once you select the Enable Alert check box. Do one of the following: Click the Enable Alert check box. Go to Step 6. Note: See Customizing responses for an exploit attack (on page 19) for all response parameter descriptions. Select Sensor responses (Sensor Actions). You can choose Sensor responses without checking Enable Alert. Go to the next step. 6 Click the Logging tab. 7 Select the Logging responses you want applied to all attacks. You must click both Enable Logging and Capture 128 Bytes check boxes to enable both logging responses. Figure 35: Logging Responses Selection 8 Go back to the Sensor Actions tab. 9 Select the check boxes next to the Sensor responses you want active for all attacks. 10 In the Notifications region, select the checkbox next to the notifications you want active for all attacks. Refer to Exploit attack notification (on page 21) for notification descriptions. 11 Click OK at the bottom of the window. A review page displays your customizations. 36