Symantec 10521146 Administration Guide - Page 138
Setting the severity level, Configuration, Response Rules, Severity
UPC - 037648268134
View all Symantec 10521146 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 138 highlights
138 Responding Setting response parameters system gains information about the network, it integrates characteristics that influence the levels to reflect the current state of the network security. Because the traffic on every network is different, the severity levels specified in the response rule parameters are relative values and contain no inherent absolute definition. The creation of response rules in general and the selection of severity levels for the specific response rules requires fine-tuning to existing security response rules, as well as to the network traffic and ambient conditions. If the severity assigned during analysis equals the severity level defined in the response rule, as well as all other parameters defined in the response rule, then Symantec Network Security responds to the incident by performing the action associated with the response rule. SuperUsers and Administrators can also specify that the action execute only if the incident priority level falls above or below that of a particular severity level. Possible severity parameter values include informational, low, medium, high, and critical. Setting the severity level The Network Security console provides a way to set the severity level of the response rule using Severity. To set the severity level 1 In the Network Security console, click Configuration > Response Rules. 2 Click the Severity cell of the response policy table row. 3 Select one of the following symbols: ■ Less than () ■ Equal to (=) 4 Select one of the following severity levels from the pull-down list: ■ Any ■ Critical ■ High ■ Medium ■ Low ■ Informational