McAfee M-1250 Network Protection - Page 23
Overly coarse traffic VIDS definition that contains very disparate applications.
![]() |
View all McAfee M-1250 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 23 highlights
McAfee® Network Security Platform 6.0 Configure policies can use against your network: the fact that the attack failed can help him zero in on the type of Web server you use. Users can also better manage this type of events through policy customization or installing attack filters. The noise-to-incorrect-identification ratio can be fairly high, particularly in the following conditions: • The configured policy includes a lot of Informational alerts, or scan alerts which are based on request activities (such as the All Inclusive policy) • Deployment links where there is a lot of hostile traffic, such as in front of a firewall • Overly coarse traffic VIDS definition that contains very disparate applications. For example: a highly aggregated link in dedicated interface mode Users can effectively manage the noise level by defining appropriate VIDS and customize the policy accordingly. For dealing with exceptional hosts, such as a dedicated pentest machine, attack filters can also be used. 15
![](/manual_guide/products/mcafee-m1250-network-protection-260e040/23.png)