7
Contents
Selecting pre-defined policies
..................................................................
114
Setting policies to interfaces
....................................................................
115
Applying to save changes
.........................................................................
115
Overriding blocking rules globally
..........................................................
115
Undoing policy settings
............................................................................
116
Adjusting the view of event types
...................................................................
117
Searching to create a subset of event types
...........................................
117
Adjusting the view by columns
................................................................
119
Viewing event type details
.......................................................................
119
Defining new protection policies
....................................................................
120
Adding or editing user-defined protection policies
..............................
121
Cloning existing protection policies
.......................................................
121
Enabling or disabling logging rules
........................................................
122
Enabling or disabling blocking rules
......................................................
123
Deleting user-defined protection policies
..............................................
125
Updating policies automatically
.....................................................................
125
Annotating policies and events
.......................................................................
126
Backing up protection policies
........................................................................
128
Chapter
6
Responding
About response rules
.........................................................................................
129
About automated responses
.............................................................................
131
Managing response rules
..................................................................................
132
Viewing response rules
.............................................................................
132
Adding new response rules
......................................................................
133
Editing response rules
...............................................................................
134
Searching event types
...............................................................................
134
Deleting response rules
............................................................................
135
Saving or reverting changes
....................................................................
135
Backing up response rules
........................................................................
135
Setting response parameters
...........................................................................
136
Setting event targets
.................................................................................
136
Setting event types
....................................................................................
136
Setting severity levels
...............................................................................
137
Setting confidence levels
..........................................................................
139
Setting event sources
................................................................................
139
Setting response actions
...........................................................................
140
Setting next actions
...................................................................................
140
Setting response actions
...................................................................................
141
Setting no response action
.......................................................................
142
Setting email notification
.........................................................................
142
Setting SNMP notification
........................................................................
145
Setting TrackBack response action
.........................................................
147