Symantec 10268947 User Guide - Page 82
About console response action
UPC - 037648243766
View all Symantec 10268947 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 82 highlights
82 Response Rules About response actions Note: This response action records only fully assembled packets from actual flows, not malformed packets or packet fragments. You can view detected packet contents in the Advanced tab of Event Details. See "Viewing event details" on page 197. About console response action Symantec Network Security can initiate an action on the Network Security console in response to an attack. A SuperUser or Administrator can configure the response rule to play an alert sound and/or to execute a program on the Network Security console. Any user can enable each Network Security console individually to execute console response actions. The minimum delay between responses is 1 minute. Enabling console response actions You must enable console response actions on each Network Security console individually. To enable specific console response actions 1 In the Network Security console, click Configuration > Response Rules. 2 In Response Rules, click Configuration > Console Response Configuration. 3 In Local Console Configuration, choose from the following checkboxes: ■ Play Alert Sounds: Click this to enable this Network Security console to emit an alert sound when triggered by an event. ■ Execute Programs: Click this to enable this Network Security console to perform the console response action. 4 In Local Console Configuration, click OK to save and close. Note: The Network Security console must be running in order for Symantec Network Security to execute the console response action. If a Network Security console starts after console response events are sent, it does not execute the actions. Instead, upon startup, it displays a prompt indicating that the actions did not execute. About export flow response action The export flow response action exports matching flows stored in the flow data store. The action is based on the characteristics of the triggering events, which