Symantec 10268947 User Guide - Page 79
About next actions, About response actions
UPC - 037648243766
View all Symantec 10268947 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 79 highlights
Response Rules 79 About response actions ■ About export flow response action About next actions The Network Security console provides a way to direct a sequence of response rules that conclude with a follow-up action by using Next Action. The Next parameter determines whether or not Symantec Network Security continues checking for additional response rules that match the incident. Possible values are Stop, Continue to Next Rule, and Jump to Rule. The Continue to Next Rule value directs Symantec Network Security to search for the next matching response rule after executing the current response rule. This enables Symantec Network Security to make multiple responses to any particular incident type, in combination with each other and in a desired sequence. The Jump to Rule value directs Symantec Network Security to skip over intervening response rules and go directly to a particular response rule, such as from Rule 5 to Rule 8. The Stop value directs Symantec Network Security to discontinue searching for matching response rules. About response actions Configurable response parameters indicate which action Symantec Network Security will take if the event target, attack type, severity, confidence level, and event source parameters match the incident. The SuperUser or Administrator can define and customize response actions from the Network Security console. If you specify a Smart Agent response action, the policy manager sends the respective values to the appropriate Smart Agent. In Configuration > Response Rules, select a rule, and click the Response Actions column to view the list of actions that Symantec Network Security can take in response to an incident. Symantec Network Security can respond to an incident via the following response actions: ■ About no response action ■ About email notification ■ About SNMP notification ■ About TrackBack response action ■ About custom response action ■ About TCP reset response action ■ About traffic record response action ■ About console response action